|
shim takes several forms of input from several sources that are not
necessarily trustworthy. As such, we need to take measures to validate
that we don't have unacceptable results from bad inputs. One such
measure is "fuzzing" the inputs which parse untrusted data by running
them with randomized or partially randomized input.
This change adds such testing using clang's "libFuzzer" to our CSV
parser. I've run this on 24-cores at 4GHz for half an hour, and so far
each fuzzer has converged on 79% coverage. I expect the 21% that's not
getting covered are the EFI API mock interfaces we're building in from
test.c and similar. So far no errors have been found, which is what was
expected since this particular API is being manually fuzzed with ~8kB of
/dev/urandom on every build since 2021-02-23.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
