Skip to content

test(fuzz): add comprehensive Go fuzz tests #19686

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
sthadka wants to merge 20 commits into
base: master
Choose a base branch
from
Draft

test(fuzz): add comprehensive Go fuzz tests #19686

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
aab7a53
test(search): add fuzz tests for query parser
sthadka Mar 30, 2026
26f4d25
test(x509utils): add fuzz tests for PEM/DER certificate processing
sthadka Mar 30, 2026
2d23a06
test(servicecerttoken): add fuzz test for ParseToken
sthadka Mar 30, 2026
f208a4e
test(saml): add fuzz test for entity descriptor XML unmarshaling
sthadka Mar 30, 2026
3228c08
test(idputil): add fuzz tests for OAuth state parsing
sthadka Mar 30, 2026
315121d
test(netutil): add fuzz test for ParseEndpoint
sthadka Mar 30, 2026
eeb439d
test(net): add fuzz tests for IP address and port parsing
sthadka Mar 30, 2026
1f679d5
test(cvss): add fuzz test for ParseCVSSV3
sthadka Mar 30, 2026
f9d3513
test(booleanpolicy): add fuzz tests for all validation regex patterns
sthadka Mar 30, 2026
6dce922
test(pgconfig): add fuzz test for ParseSource
sthadka Mar 30, 2026
4f50ff9
test(binenc): add fuzz tests for binary encoding with roundtrip
sthadka Mar 30, 2026
56621d4
test(uuid): add fuzz tests for UUID parsing
sthadka Mar 30, 2026
fee46e1
test(protocompat): add fuzz test for RFC3339 timestamp parsing
sthadka Mar 30, 2026
9b5b031
test(k8sobjects): add fuzz test and unit tests for ParseRef
sthadka Mar 30, 2026
16cf0ee
test(mitre): add fuzz tests for MITRE ATT&CK bundle parsing
sthadka Mar 30, 2026
1c2e50c
test(download): add fuzz test for Content-Disposition header parsing
sthadka Mar 30, 2026
398b8e6
test(endpoints): add fuzz test for legacy endpoint spec parsing
sthadka Mar 30, 2026
7499bcb
test(search/parser): add fuzz test for URL query parsing
sthadka Mar 30, 2026
943d543
fix(fuzz): address PR review feedback
sthadka Mar 30, 2026
f8c2863
fix(fuzz): replace test passwords flagged by GitGuardian
sthadka Mar 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 62 additions & 0 deletions central/endpoints/legacy_spec_fuzz_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
package endpoints

import (
"testing"
)

// FuzzParseLegacySpec tests ParseLegacySpec with arbitrary input strings to ensure it never panics.
// The parser should handle any malformed input gracefully.
func FuzzParseLegacySpec(f *testing.F) {
// Seed with valid examples from existing tests
f.Add("")
f.Add("8080")
f.Add(":8080")
f.Add("grpc@:8443")
f.Add("http@:8080")
f.Add("grpc@:8443,http@:8080")
f.Add(":8080, http@127.0.0.1:8081")
f.Add("grpc@localhost:8443")
f.Add("http @ http, grpc @ 127.0.0.1:https, grpc@:8082, localhost:8080, http@127.0.0.1:10080")

// Seed with edge cases
f.Add("@")
f.Add("@@")
f.Add("@:8080")
f.Add("grpc@")
f.Add(",,,")
f.Add(" ")
f.Add("grpc @ @ :8080")
f.Add("grpc@:8443,")
f.Add(",grpc@:8443")
f.Add("grpc@:8443,,http@:8080")

// Seed with potentially problematic inputs
f.Add("grpc@localhost:8443@extra")
f.Add("http@:8080@http@:8081")
f.Add("very-long-protocol-name@:8080")
f.Add("grpc@very-long-hostname-that-might-cause-issues.example.com:8443")
f.Add("🚀@:8080") // Unicode
f.Add("grpc\n@:8080") // Newline
f.Add("grpc\t@:8080") // Tab

f.Fuzz(func(t *testing.T, input string) {
// The parser should never panic on any input
// We don't assert specific output because the function is lenient by design
// It should handle malformed input gracefully
result := ParseLegacySpec(input, nil)

// Basic sanity checks: result should never be nil if we got here without panic
// Each config should have a Listen address (even if empty after trimming)
for _, cfg := range result {
// Ensure Protocols is either nil or has strings
// This validates the internal structure is consistent
if cfg.Protocols != nil && len(cfg.Protocols) > 0 {

Check failure on line 53 in central/endpoints/legacy_spec_fuzz_test.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

S1009: should omit nil check; len() for nil slices is defined as zero (staticcheck)
for _, proto := range cfg.Protocols {
_ = proto // Ensure we can read each protocol string
}
}
Comment on lines +53 to +57
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

cat -n central/endpoints/legacy_spec_fuzz_test.go | head -70 | tail -30

Repository: stackrox/stackrox

Length of output: 1405

🏁 Script executed:

# Check if there's lint configuration in the repo
find . -maxdepth 2 -type f \( -name ".golangci.yml" -o -name ".golangci.yaml" -o -name "golangci.yml" \) 2>/dev/null | head -5

Repository: stackrox/stackrox

Length of output: 76

🏁 Script executed:

# Search for any staticcheck configuration or comments
rg "staticcheck|S1009" . -t go -A 2 -B 2

Repository: stackrox/stackrox

Length of output: 1224

🏁 Script executed:

# Read the golangci configuration
cat .golangci.yml

Repository: stackrox/stackrox

Length of output: 6155

🏁 Script executed:

# Search specifically for S1009 in staticcheck documentation or any references
rg "S1009" . -t go -t yml -t yaml

Repository: stackrox/stackrox

Length of output: 88

🏁 Script executed:

# Verify Go semantics: check if len(nilSlice) == 0 is actually true
python3 << 'EOF'
# Go language specification verification
# According to Go spec: For slices, arrays and strings, the indices are in range
# if 0 <= low <= high <= len(a), otherwise they are out of range.
# For arrays or strings, the indices are in range if 0 <= low <= high <= len(a)
# len(nil) is 0 for slices in Go (undefined for nil non-slice types)

print("""
Go Language Specification for len():
- For slices: len(nilSlice) == 0 (defined behavior)
- For arrays: must be non-nil
- For strings: must be non-nil
- For maps: len(nilMap) == 0 (defined behavior)
- For channels: len(nilChan) == 0 (defined behavior)

Therefore: cfg.Protocols != nil check is redundant if cfg.Protocols is a slice
and the intent is just to check if it has elements.
""")
EOF

Repository: stackrox/stackrox

Length of output: 445

🏁 Script executed:

# Check the actual type definition of cfg.Protocols
rg "type.*Config.*struct|Protocols" central/endpoints -A 5 -B 2 | head -40

Repository: stackrox/stackrox

Length of output: 2680

🏁 Script executed:

# Search for any CI configuration or test results that might show lint failures
find . -maxdepth 3 -type f \( -name "*.yml" -o -name "*.yaml" -o -name "Makefile" -o -name ".github" \) 2>/dev/null | head -10

Repository: stackrox/stackrox

Length of output: 442

🏁 Script executed:

# Search for similar patterns to see if redundant nil checks are generally flagged/fixed in codebase
rg "if .+ != nil && len\(" . -t go | head -20

Repository: stackrox/stackrox

Length of output: 2375

Remove the redundant nil guard.

In Go, len(nilSlice) safely returns 0, so cfg.Protocols != nil is logically unnecessary before the len() check. While the pattern is defensible as defensive programming, it can be simplified.

Suggested change 
-			if cfg.Protocols != nil && len(cfg.Protocols) > 0 {
+			if len(cfg.Protocols) > 0 {
🧰 Tools
🪛 GitHub Actions: Style

[error] 53-53: golangci-lint (staticcheck) S1009: should omit nil check; len() for nil slices is defined as zero

🪛 GitHub Check: golangci-lint

[failure] 53-53:
S1009: should omit nil check; len() for nil slices is defined as zero (staticcheck)

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@central/endpoints/legacy_spec_fuzz_test.go` around lines 53 - 57, The nil
guard before checking length is redundant: in the block inside
legacy_spec_fuzz_test.go remove the "cfg.Protocols != nil &&" part and either
check "len(cfg.Protocols) > 0" alone or simply range over "cfg.Protocols" (for
_, proto := range cfg.Protocols { _ = proto }) since len(nil) == 0 and ranging a
nil slice is safe; update the conditional/loop around cfg.Protocols accordingly.

// Ensure Listen is a valid string (can be empty)
_ = cfg.Listen
}
})
}
Loading
Loading