Add HTTP/3 fuzzing harness#97
Conversation
HTTP/3 appears to fail with it set to /dev/null
cmeister2
left a comment
cmeister2
left a comment
There was a problem hiding this comment.
I'm a little dubious about the direction here; rather than http3 interfering with working builds (and the proper openssl) I'd be pushing for a separate library install directory just for http3.
|
|
||
| # Teach ngtcp2 about sockets | ||
| pushd $1 | ||
| patch -p1 <<'EOF' |
There was a problem hiding this comment.
Inlining the patch here is nasty. I'd rather this were in a patch file.
There was a problem hiding this comment.
Also, doing this via a patch mechanism severely limits updating this dependency in the future. What's the long-term plan here - add support to ngtcp2 upstream?
There was a problem hiding this comment.
Yeah, having the patch here is not a permanent solution. The long-term plan would be to work with ngtcp2 to make it more fuzzing friendly -- e.g. by allowing it to work with AF_UNIX sockets like this patch does.
There was a problem hiding this comment.
@bagder do you have an opinion here? In my experience this kind of mechanism is fairly brittle; I don't know if it's something we want to support moving forwards.
|
|
||
| pushd ${SRCDIR} | ||
|
|
||
| # TODO: Ignore HTTP3 socket connection failures |
|
|
||
| pushd ${SRCDIR} | ||
|
|
||
| # TODO: Ignore HTTP3 socket connection failures |
There was a problem hiding this comment.
why is this a TODO? Should it be?
| rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen); | ||
| if(-1 == rc) { | ||
| - return socket_connect_result(data, ctx->r_ip, SOCKERRNO); | ||
| + /* return socket_connect_result(data, ctx->r_ip, SOCKERRNO); */ |
There was a problem hiding this comment.
This feels wrong - why are we disabling this?
There was a problem hiding this comment.
This is quite hacky as you noticed, so I've specially marked it with a TODO. The harness uses AF_UNIX sockets and it makes the connect() call fail, which blocks fuzzing. Ideally we would have something nicer than this patch on cURL itself, to allow for fuzzing to proceed.
|
|
||
| # Install openssl | ||
| ${SCRIPTDIR}/handle_x.sh openssl ${OPENSSLDIR} ${INSTALLDIR} || exit 1 | ||
| # ${SCRIPTDIR}/handle_x.sh openssl ${OPENSSLDIR} ${INSTALLDIR} || exit 1 |
There was a problem hiding this comment.
If this is the solution, commenting this out is wrong. Remove the block altogether.
| "QUICTLS_VERSION=(?<currentValue>.*)\\s" | ||
| ], | ||
| "datasourceTemplate": "github-tags", | ||
| "depNameTemplate": "openssl/openssl", |
There was a problem hiding this comment.
I think this actually wants to be quictls/openssl
There was a problem hiding this comment.
good catch! I'll get that changed
|
|
||
| # Teach ngtcp2 about sockets | ||
| pushd $1 | ||
| patch -p1 <<'EOF' |
There was a problem hiding this comment.
@bagder do you have an opinion here? In my experience this kind of mechanism is fairly brittle; I don't know if it's something we want to support moving forwards.
3 participants
This PR implements support for building cURL with QuicTLS, ngtcp2 and nghttp3 and adds a new harness,
curl_fuzzer_http3, that fuzzes the HTTP/3 implementation.scripts/download_ngtcp2.shincludes a patch that adds minimal support on ngtcp2 for usingAF_UNIXsockets.scripts/install_curl.shincludes a patch to disable failing when callingconnect()on the QUIC socket (as it will fail if you're using an AF_UNIX socket, like the fuzzer does).