nushell/crates/nu-parser/fuzz
Stefan Holderbach 55c7246830
Fuzz more realistically with keyword const eval (#15036)
# Description
The parsing logic for several of our keywords is conditional on the
particular commands for those keywords being in scope:


942030199d/crates/nu-parser/src/parse_keywords.rs (L272-L279)

Thus the following involved parsing logic was not fuzzed by the existing
`parse` fuzz target so far.

This adds an additional fuzz target `parse_with_keywords` that loads the
commands from `nu-cmd-lang`. Those are primarily the keyword
implementations, thus the relevant code paths in the parser that depend
on those `DeclId`s and the potential const eval of `if` etc. get
unlocked.

The existing `parse` target is preserved if you have concerns about the
fuzzing breaking containment in some form due to those commands.

# Tests + Formatting
Found https://github.com/nushell/nushell/issues/14972 with this target
2025-02-07 23:50:47 +01:00
fuzz_targets Fuzz more realistically with keyword const eval (#15036) 2025-02-07 23:50:47 +01:00
.gitignore Add 2 fuzzers for nu-path, nu-parser (#10376) 2023-09-16 22:32:53 +02:00
Cargo.toml Fuzz more realistically with keyword const eval (#15036) 2025-02-07 23:50:47 +01:00
gather_seeds.nu Add 2 fuzzers for nu-path, nu-parser (#10376) 2023-09-16 22:32:53 +02:00
README.md Fuzz more realistically with keyword const eval (#15036) 2025-02-07 23:50:47 +01:00
rust-toolchain.toml Add 2 fuzzers for nu-path, nu-parser (#10376) 2023-09-16 22:32:53 +02:00

Fuzzer for nu-parser

Quick start guide

  • Install cargo-fuzz with `cargo install cargo-fuzz`
  • Run `gather_seeds.nu` to prepare the initial seeds corpus. This pulls the .nu files from the nushell repository as checked out and uses them as a starting point. You can add additional files to increase diversity.
  • Make an output directory: `mkdir out`
  • Run the fuzzer with `cargo fuzz run parse out seeds`, where `parse` is the name of the target

Targets

  • `parse` just pulls in `nu-parser` and reaches the lexing and parsing logic. No command gets executed.
  • `parse_with_keywords` also loads `nu-cmd-lang`, providing the command implementations for the core keywords. This permits the fuzzer to reach more code paths, as some parts depend on the availability of those declarations. This may also execute the const eval code paths of the keyword commands. As of now this command set should not have negative side effects upon const eval. The overall code is not executed by this target.
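
Why the second target reaches more code, shown as an added example (a simplified toy model written for this page, not nushell's parser or its fuzz targets). The `Branch` ids, the `parse` and `coverage` functions and the corpus are hypothetical. The same inputs are parsed once with no declarations in scope and once with the `if` keyword loaded, and the branches reached are compared.

```rust
use std::collections::BTreeSet;

// Toy model (not nushell code): branch ids recorded the way a
// coverage-guided fuzzer would observe newly reached code.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
enum Branch { GenericCall, KeywordIf, ConstEvalCond, MissingBlock }

/// Parse one line. `scope` lists the declarations that are loaded; the
/// keyword path is only taken when the matching declaration exists.
fn parse(scope: &[&str], src: &str, cov: &mut BTreeSet<Branch>) {
    let mut words = src.split_whitespace();
    match words.next() {
        Some("if") if scope.contains(&"if") => {
            cov.insert(Branch::KeywordIf);
            // Keyword-specific logic: a literal condition is evaluated at parse time.
            if matches!(words.next(), Some("true") | Some("false")) {
                cov.insert(Branch::ConstEvalCond);
            }
            // Error path that exists only inside the keyword parser.
            if !words.any(|w| w.starts_with('{')) {
                cov.insert(Branch::MissingBlock);
            }
        }
        // Without the declaration, `if` is just another command name.
        Some(_) => { cov.insert(Branch::GenericCall); }
        None => {}
    }
}

/// Run a whole corpus against one scope and return the branches reached.
fn coverage(scope: &[&str], corpus: &[&str]) -> BTreeSet<Branch> {
    let mut cov = BTreeSet::new();
    for input in corpus { parse(scope, input, &mut cov); }
    cov
}

// Constructed sample inputs, standing in for the seeds corpus.
const CORPUS: [&str; 3] = ["ls -la", "if true { 1 }", "if $x"];

fn main() {
    println!("no decls in scope : {:?}", coverage(&[], &CORPUS));
    println!("keywords in scope : {:?}", coverage(&["if"], &CORPUS));
}
```

With an empty scope every input collapses into the generic call path, so no mutation of the corpus can ever exercise the keyword parser or its error handling.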