23 lines
1,009 B
Rust
23 lines
1,009 B
Rust
#![no_main]
|
|
use libfuzzer_sys::fuzz_target;
|
|
use soliton::storage::{decrypt_blob, StorageKey, StorageKeyRing};
|
|
|
|
// Distinct keys per version — catches version-routing bugs that identical keys would hide.
|
|
const FUZZ_KEY_V1: [u8; 32] = [0x42; 32];
|
|
const FUZZ_KEY_V2: [u8; 32] = [0x43; 32];
|
|
const FUZZ_KEY_V3: [u8; 32] = [0x44; 32];
|
|
|
|
fuzz_target!(|data: &[u8]| {
|
|
// Build a keyring with versions 1-3 so version routing is exercised.
|
|
let key1 = StorageKey::new(1, FUZZ_KEY_V1).unwrap();
|
|
let key2 = StorageKey::new(2, FUZZ_KEY_V2).unwrap();
|
|
let key3 = StorageKey::new(3, FUZZ_KEY_V3).unwrap();
|
|
let mut ring = StorageKeyRing::new(key1).unwrap();
|
|
let _ = ring.add_key(key2, false);
|
|
let _ = ring.add_key(key3, false);
|
|
|
|
// decrypt_blob must never panic regardless of input.
|
|
// AEAD rejects most mutations; the pre-AEAD parsing paths
|
|
// (version routing, flag validation, length checks) are the target.
|
|
let _ = decrypt_blob(&ring, data, "fuzz-channel", "fuzz-segment");
|
|
});
|