Add public-input fuzzing CI#2478
Draft
tob-scott-a wants to merge 1 commit into
Draft
Conversation
Signed-off-by: Scott Arciszewski <scott.arciszewski@trailofbits.com>
3ce1e00 to
c0bb5bd
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR replaces the old generic fuzzing setup with a public-input-oriented fuzzing system that is much closer to the real attack surface.
The old fuzzers mostly generated valid keypairs/signatures internally and checked that round trips succeeded. That was useful as a smoke test, but it did not spend much time mutating attacker-controlled bytes that reach decoders and deserializers. This PR shifts the focus to malformed public keys, ciphertexts, signatures, contexts, and serialized stateful key material.
To that end, we added five dedicated fuzz targets:
The shared fuzzing infrastructure is new as well:
tests/fuzz/fuzz_helpers.*
Implements a compact 5-byte seed header:
Provides deterministic PRNG seeding
Provides cursor-based input parsing and patch helpers
Loads STFL KATs from existing tests/KATs/sig_stfl/... files
Builds minimal LMS serialized key baselines
tests/fuzz/fuzz_kem_cache.*
tests/fuzz/fuzz_sig_cache.*
The corpus system is also new. tests/fuzz/generate_corpus.py walks the algorithm registries in
src/kem/kem.c,src/sig/sig.c, andsrc/sig_stfl/sig_stfl.c, then generates one tiny 5-byte corpus seed per algorithm/mode combination. There are 926 seed files total:Those seeds are intentionally tiny. They do not contain real objects; they only select the algorithm and mode. The harness reconstructs valid baselines in memory and then mutates them. That keeps the fuzzers in deep parsing paths instead of spending most iterations on trivially invalid garbage.
The CI changes are substantial:
The smoke profile uses:
There are also build-system changes to support this:
The net effect is that the branch turns fuzzing from a basic “does this algorithm still work” check into a real malformed-input security harness for the generic public APIs and stateful deserialization paths.
These documents were generated by Codex-5.5-Cyber as part of the Patch the Planet program.