Comments (4)
@clfs Would you mind sharing the fuzzing code you used to discover this?
from coze.
Sure! Drop this in mapslice_test.go:

```go
// FuzzMapSliceJSONRoundTrip checks that unmarshal -> marshal -> unmarshal ->
// marshal yields identical bytes. The test file needs the bytes,
// encoding/json and testing imports.
func FuzzMapSliceJSONRoundTrip(f *testing.F) {
	f.Add([]byte(`{"foo": [123, 456]}`))
	f.Fuzz(func(t *testing.T, b []byte) {
		var m MapSlice
		if err := json.Unmarshal(b, &m); err != nil {
			return // input is not something MapSlice accepts; skip it
		}
		data, err := json.Marshal(m)
		if err != nil {
			t.Fatalf("marshal: %v", err)
		}
		var m2 MapSlice
		if err := json.Unmarshal(data, &m2); err != nil {
			t.Fatalf("unmarshal again: %v", err)
		}
		data2, err := json.Marshal(m2)
		if err != nil {
			t.Fatalf("marshal again: %v", err)
		}
		if !bytes.Equal(data, data2) {
			t.Fatalf("marshals differ: %q != %q", data, data2)
		}
	})
}
```
Then run it (I deleted the cache, so the failing input looks different):
```
calvin@mbp Coze % go test -fuzz FuzzMapSliceJSONRoundTrip .
fuzz: elapsed: 0s, gathering baseline coverage: 0/1 completed
fuzz: elapsed: 0s, gathering baseline coverage: 1/1 completed, now fuzzing with 10 workers
fuzz: elapsed: 3s, execs: 763910 (254609/sec), new interesting: 228 (total: 229)
fuzz: elapsed: 6s, execs: 1601985 (279341/sec), new interesting: 272 (total: 273)
fuzz: elapsed: 9s, execs: 2444368 (280836/sec), new interesting: 291 (total: 292)
fuzz: elapsed: 12s, execs: 3289903 (281844/sec), new interesting: 306 (total: 307)
fuzz: elapsed: 15s, execs: 4126384 (278823/sec), new interesting: 315 (total: 316)
fuzz: minimizing 88-byte failing input file
fuzz: elapsed: 18s, minimizing
fuzz: elapsed: 18s, minimizing
--- FAIL: FuzzMapSliceJSONRoundTrip (18.23s)
--- FAIL: FuzzMapSliceJSONRoundTrip (0.00s)
fuzz_test.go:68: marshal: json: error calling MarshalJSON for type coze.MapSlice: invalid character 'x' in string escape code
Failing input written to testdata/fuzz/FuzzMapSliceJSONRoundTrip/db149316aeed8ab9
To re-run:
go test -run=FuzzMapSliceJSONRoundTrip/db149316aeed8ab9
FAIL
exit status 1
FAIL github.com/cyphrme/coze 18.524s
calvin@mbp Coze % cat testdata/fuzz/FuzzMapSliceJSONRoundTrip/db149316aeed8ab9
go test fuzz v1
[]byte("{\"\x7f\":0}")
calvin@mbp Coze %
```
from coze.
We're taking a look.
from coze.
Fixed by b02966e. The problem was MapSlice.MarshalJSON was doing fmt with a %+q when it should just call Marshal again.
from coze.
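The difference between the two encodings named in the fix comment, shown on the key from the failing input. This is an added example, not code from the Coze repository: `item`, `marshalOrdered`, `quoteGo` and `quoteJSON` are hypothetical names for a minimal ordered-object encoder.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
)

// item is a hypothetical ordered key/value pair (a stand-in, not Coze's MapSlice).
type item struct {
	Key   string
	Value interface{}
}

// marshalOrdered writes items as a JSON object in slice order, encoding each
// key with quoteKey so the two quoting strategies can be compared.
func marshalOrdered(items []item, quoteKey func(string) ([]byte, error)) ([]byte, error) {
	var buf bytes.Buffer
	buf.WriteByte('{')
	for i, it := range items {
		if i > 0 {
			buf.WriteByte(',')
		}
		k, err := quoteKey(it.Key)
		if err != nil {
			return nil, err
		}
		v, err := json.Marshal(it.Value)
		if err != nil {
			return nil, err
		}
		buf.Write(k)
		buf.WriteByte(':')
		buf.Write(v)
	}
	buf.WriteByte('}')
	return buf.Bytes(), nil
}

// quoteGo produces a Go string literal; escapes such as \x7f are not JSON.
func quoteGo(s string) ([]byte, error) { return []byte(fmt.Sprintf("%+q", s)), nil }

// quoteJSON lets encoding/json encode the key, so the output is always JSON.
func quoteJSON(s string) ([]byte, error) { return json.Marshal(s) }

func main() {
	items := []item{{Key: "\x7f", Value: 0}} // key taken from the failing fuzz input
	bad, _ := marshalOrdered(items, quoteGo)
	good, _ := marshalOrdered(items, quoteJSON)
	fmt.Printf("%%+q key: %s valid=%v\n", bad, json.Valid(bad))
	fmt.Printf("json key: %q valid=%v\n", good, json.Valid(good))
}
```

Go-literal quoting and JSON quoting agree for most printable input, which is why a round-trip fuzz target finds the mismatch faster than hand-written cases.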