Fuzz individual Decode methods directly. This provides better coverage than going through Frontend/Backend.Receive because there is no message framing overhead and the fuzzer can explore the full input space of each decoder.
(f *testing.F)
| 102 | // overhead and the fuzzer can explore the full input space of each decoder. |
| 103 | |
| 104 | func FuzzBind(f *testing.F) { |
| 105 | f.Add([]byte{0, 0, 0, 0, 0, 1, 0, 0, 0, 1}) |
| 106 | f.Add([]byte{0, 0, 0, 0, 0, 1, 0xFF, 0xFF, 0xFF, 0xFF}) // NULL param |
| 107 | f.Add([]byte{0, 0, 0, 0, 0, 1, 0xFF, 0xFF, 0xFF, 0xFE}) // negative param length |
| 108 | f.Add([]byte{}) |
| 109 | f.Fuzz(func(t *testing.T, data []byte) { |
| 110 | var msg pgproto3.Bind |
| 111 | msg.Decode(data) // must not panic |
| 112 | }) |
| 113 | } |
| 114 | |
| 115 | func FuzzDataRow(f *testing.F) { |
| 116 | f.Add([]byte{0, 1, 0, 0, 0, 3, 'a', 'b', 'c'}) |