Add fuzzing test for libhttpserver and submit to oss-fuzz

Open sgbhat2 opened this issue 5 years ago • 1 comments

Requirements for Adding the fuzzing test

Fuzzing is a well-known technique to unravel security vulnerabilities and programming errors in the code.

This PR aims to add fuzz tests to libhttpserver using LLVM's libFuzzer, with the goal of integrating libhttpserver into oss-fuzz.

Issue or RFC Endorsed by Maintainers

https://github.com/etr/libhttpserver/commit/bcd12d363fdc90df0c87779379f9548559f5f604 --> This bug was found from the fuzz testing.

Description of the Change

The following changes are made, following the oss-fuzz guide:

  • Add a fuzz target to test the HTTP server
  • Add seed corpus to help LibFuzzer generate meaningful inputs

The fuzz targets are not integrated with the build system of the library. Instructions to build and run the fuzz targets are mentioned in the README.md.

Alternate Designs

N/A

Possible Drawbacks

N/A

Verification Process

The fuzz target is locally built and verified to run by following these steps

Release Notes

  • N/A

sgbhat2 Nov 29 '20 23:11
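
The two items in the change list above (a fuzz target plus a seed corpus), shown as an added example that is not the PR's or libhttpserver's code. `request_line`, `parse_request_line`, `kSeeds` and `replay_seeds` are hypothetical stand-ins for the code under test, and the seed requests are constructed; only the `LLVMFuzzerTestOneInput` signature is libFuzzer's own.

```cpp
// Added example; parse_request_line() is a hypothetical stand-in, not libhttpserver code.
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <string>

struct request_line { std::string method, target, version; };
// Splits "METHOD SP target SP version CRLF". Takes (pointer, length) because
// fuzz input is raw bytes: not NUL-terminated and may contain NUL.
bool parse_request_line(const uint8_t* data, size_t size, request_line& out) {
    const std::string in(reinterpret_cast<const char*>(data), size);
    const size_t eol = in.find("\r\n");
    if (eol == std::string::npos) return false;
    const size_t sp1 = in.find(' ');
    if (sp1 == std::string::npos || sp1 == 0 || sp1 >= eol) return false;
    const size_t sp2 = in.find(' ', sp1 + 1);
    if (sp2 == std::string::npos || sp2 == sp1 + 1 || sp2 >= eol) return false;
    out.method = in.substr(0, sp1);
    out.target = in.substr(sp1 + 1, sp2 - sp1 - 1);
    out.version = in.substr(sp2 + 1, eol - sp2 - 1);
    return out.version.compare(0, 5, "HTTP/") == 0;
}

// Entry point that libFuzzer calls once per generated input.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    request_line rl;
    if (parse_request_line(data, size, rl)) {
        // Invariant: fields + 2 spaces + CRLF fit in the input. abort() reports
        // a logic bug that the sanitizers cannot see on their own.
        if (rl.method.size() + rl.target.size() + rl.version.size() + 4 > size)
            abort();
    }
    return 0;  // 0 = input handled; libFuzzer gives other values special meaning
}

// Constructed seed inputs; in a seed corpus each would be one file.
static const char* const kSeeds[] = {
    "GET / HTTP/1.1\r\nHost: localhost\r\n\r\n",
    "POST /upload?x=1 HTTP/1.0\r\nContent-Length: 0\r\n\r\n",
};

// Replays every seed through the target and returns how many were run.
int replay_seeds() {
    int n = 0;
    for (const std::string s : kSeeds) {
        LLVMFuzzerTestOneInput(reinterpret_cast<const uint8_t*>(s.data()), s.size());
        ++n;
    }
    return n;
}
```

Replaying the seeds without the fuzzing engine doubles as a regression check: an input that once crashed the target can be added to the list and run on every build.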

Codecov Report

Merging #213 (aa058fe) into master (7cb4eb8) will increase coverage by 0.01%. The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #213      +/-   ##
==========================================
+ Coverage   95.60%   95.62%   +0.01%     
==========================================
  Files          35       35              
  Lines        3233     3246      +13     
==========================================
+ Hits         3091     3104      +13     
  Misses        142      142              

| Impacted Files | Coverage Δ |
|---|---|
| test/unit/http_utils_test.cpp | 100.00% <0.00%> (ø) |
| src/http_utils.cpp | 99.17% <0.00%> (+<0.01%) :arrow_up: |

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data. Last update 7cb4eb8...aa058fe.

codecov[bot] Dec 06 '20 23:12