Devin comments added, asked Devin to verify that Serialization matche…

…s original input, as well
mongodb · Dec 11, 2024 · 17654e8 · 17654e8
1 parent 21c25e4
commit 17654e8
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 2 deletions.
diff --git a/fuzz/fuzz_targets/malformed_length.rs b/fuzz/fuzz_targets/malformed_length.rs
@@ -1,5 +1,15 @@
+//! BSON Document Length Field Fuzzer
+//!
+//! This fuzz test focuses on finding security vulnerabilities related to BSON document length
+//! fields. It specifically targets:
+//! - Integer overflow/underflow in length calculations
+//! - Malformed length fields that could cause buffer overruns
+//! - Mismatches between declared and actual document sizes
+//! - Memory allocation issues with large or invalid lengths
+
 #![no_main]
-#[macro_use] extern crate libfuzzer_sys;
+#[macro_use]
+extern crate libfuzzer_sys;
 extern crate bson;
 use bson::RawDocument;
 

diff --git a/fuzz/fuzz_targets/serialization.rs b/fuzz/fuzz_targets/serialization.rs
@@ -1,3 +1,4 @@
+//! Document serialization consistency
 #![no_main]
 #[macro_use]
 extern crate libfuzzer_sys;
@@ -48,6 +49,25 @@ fuzz_target!(|buf: &[u8]| {
                 }
             }
         }
-        let _ = doc_buf.into_bytes();
+        let output_bytes = doc_buf.into_bytes();
+        if let Ok(reserialized_doc) = RawDocument::from_bytes(&output_bytes) {
+            assert_eq!(doc.as_bytes().len(), reserialized_doc.as_bytes().len());
+            let orig_elements: Vec<_> = doc.iter_elements().flatten().collect();
+            let reser_elements: Vec<_> = reserialized_doc.iter_elements().flatten().collect();
+            assert_eq!(
+                orig_elements.len(),
+                reser_elements.len(),
+                "Document element count mismatch"
+            );
+            for (orig, reser) in orig_elements.iter().zip(reser_elements.iter()) {
+                assert_eq!(orig.key(), reser.key(), "Key mismatch");
+                assert_eq!(
+                    orig.value(),
+                    reser.value(),
+                    "Value mismatch for key {}",
+                    orig.key()
+                );
+            }
+        }
     }
 });
diff --git a/fuzz/fuzz_targets/string_handling.rs b/fuzz/fuzz_targets/string_handling.rs
@@ -1,3 +1,4 @@
+//! Ensure correctness of UTF-8 and string parsing
 #![no_main]
 #[macro_use]
 extern crate libfuzzer_sys;

diff --git a/fuzz/fuzz_targets/type_markers.rs b/fuzz/fuzz_targets/type_markers.rs
@@ -1,3 +1,4 @@
+//! BSON type marker validation
 #![no_main]
 #[macro_use]
 extern crate libfuzzer_sys;