-
Notifications
You must be signed in to change notification settings - Fork 330
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OSS-Fuzz: Add more fuzzer #988
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Arthur Chan <[email protected]>
Manishearth
approved these changes
Oct 29, 2024
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #988 +/- ##
=======================================
Coverage ? 82.37%
=======================================
Files ? 22
Lines ? 3580
Branches ? 0
=======================================
Hits ? 2949
Misses ? 631
Partials ? 0 ☔ View full report in Codecov by Sentry. |
kodiakhq bot
pushed a commit
to pdylanross/fatigue
that referenced
this pull request
Nov 5, 2024
Bumps url from 2.5.2 to 2.5.3. Release notes Sourced from url's releases. v2.5.3 What's Changed fix: enable wasip2 feature for wasm32-wasip2 target by @brooksmtownsend in servo/rust-url#960 Fix idna tests with no_std by @cjwatson in servo/rust-url#963 Fix debugger_visualizer test failures. by @valenting in servo/rust-url#967 Add AsciiSet::EMPTY and boolean operators by @joshka in servo/rust-url#969 mention why we pin unicode-width by @Manishearth in servo/rust-url#972 refactor and add tests for percent encoding by @joshka in servo/rust-url#977 Add a test for and fix issue #974 by @hansl in servo/rust-url#975 no_std support for the url crate by @domenukk in servo/rust-url#831 Normalize URL paths: convert /.//p, /..//p, and //p to p by @theskim in servo/rust-url#943 support Hermit by @m-mueller678 in servo/rust-url#985 fix: support wasm32-wasip2 on the stable channel by @brooksmtownsend in servo/rust-url#983 Improve serde error output by @konstin in servo/rust-url#982 OSS-Fuzz: Add more fuzzer by @arthurscchan in servo/rust-url#988 Merge idna-v1x to main by @hsivonen in servo/rust-url#990 New Contributors @brooksmtownsend made their first contribution in servo/rust-url#960 @cjwatson made their first contribution in servo/rust-url#963 @joshka made their first contribution in servo/rust-url#969 @hansl made their first contribution in servo/rust-url#975 @theskim made their first contribution in servo/rust-url#943 @m-mueller678 made their first contribution in servo/rust-url#985 @konstin made their first contribution in servo/rust-url#982 @arthurscchan made their first contribution in servo/rust-url#988 Full Changelog: servo/[email protected] Commits 8a683ff Merge idna-v1x to main (#990) 08a3268 OSS-Fuzz: Add more fuzzers (#988) 5d363cc Improve serde error output (#982) 30e6258 fix: support wasm32-wasip2 on stable channel (#983) bf089c4 support hermit (#985) b08a655 Normalize URL paths: convert /.//p, /..//p, and //p to p (#943) ebd5cfb no_stdsupport for the url crate (#831) 7eccac9 Add a test for and fix issue #974 (#975) 710e1e7 refactor and add tests for percent encoding (#977) 6050a6e mention why we pin unicode-width (#972) Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I’ve noticed that this project is already included in OSS-Fuzz for fuzzing (https://github.com/google/oss-fuzz/tree/39036e0ed94fefa958d7c9a20a69619c832b682a/projects/servo), although current code coverage seems somewhat limited. This pull request proposes adding a new fuzzer that targets additional URL functions beyond parsing, complementing the existing
parse.rs
fuzzer. Whileparse.rs
focuses on basic parsing validation,fuzz-url.rs
explores functions for setting queries, fragments, paths, and hosts, which can help reveal more edge cases. Any feedback or suggestions would be much appreciated. Thank you.