Skip to content

Latest commit

 

History

History
 
 

fuzzing

Fuzz-testing of various parsers, mocked examples and system libraries

A secure web server must be capable of receiving mass amount of malicious input without misbehaving or performing illegal actions, such as stepping outside of a memory block or otherwise spilling the beans.

Continuous fuzzing under various sanitizers is done as part of the Google OSS-Fuzz project:

  • UndefinedBehaviorSanitizer
  • AddressSanitizer
  • MemorySanitizer

Overall coverage is about 95% for both uSockets and uWebSockets, all source code included

Currently the following parts are individually fuzzed:

  • WebSocket handshake generator
  • WebSocket message parser
  • WebSocket extensions parser & negotiator
  • WebSocket permessage-deflate compression/inflation helper
  • Http parser (with and without Proxy Protocol v2)
  • Http method/url router
  • Pub/sub "topic tree"

While some targets are entire (mocked) example apps

  • libEpollFuzzer mocks the kernel syscalls and allows to cover a lot of uSockets source code.
  • A mock implementation of uSockets allows to cover a lot of the inbetween logic of uWebSockets.