Add corpus-builder scripts when corpus files are available; auto-run artifacts in test suite

codex · Byron · Byron · commit e64e3b8c3454 · 2026-04-24T11:30:48.000+08:00
Co-authored-by: Sebastian Thiel &lt;sebastian.thiel@icloud.com&gt;
diff --git a/etc/fuzz-corpus-builder.sh b/etc/fuzz-corpus-builder.sh
@@ -0,0 +1,57 @@
+# Shared helper for libFuzzer corpus builder scripts.
+#
+# Usage from a fuzz target-specific builder:
+#
+#   root="$(readlink -f -- "$1")"
+#   output_corpus="$2"
+#   source "$root/etc/fuzz-corpus-builder.sh"
+#   build_fuzz_corpus "$root" "$output_corpus" "gix-pack" "index_file"
+#
+# The target-specific script is invoked by Google OSS Fuzz and
+# their build script at https://github.com/google/oss-fuzz/blob/master/projects/gitoxide/build.sh
+# with the repository root and the output zip path.
+# This helper adds all files from:
+#
+#   <crate>/fuzz/corpus/<target>/*
+#
+# If present, it also adds files from:
+#
+#   <crate>/fuzz/artifacts/<target>/*
+#
+# Corpus files and artifact files are zipped with `-j`, matching the flat corpus
+# archive layout it expects. Empty input groups are skipped so artifact-only
+# targets can still produce a corpus archive. Artifacts are added in a separate
+# zip invocation so a duplicate basename updates the archive instead of making
+# zip fail with "cannot repeat names in zip file".
+build_fuzz_corpus() {
+    local root="$1"
+    local output_corpus="$2"
+    local crate="$3"
+    local target="$4"
+    local fuzz_dir
+    local corpus_dir
+    local artifacts_dir
+
+    fuzz_dir="$(readlink -f -- "$root/$crate/fuzz")"
+    corpus_dir="$fuzz_dir/corpus/$target"
+    artifacts_dir="$fuzz_dir/artifacts/$target"
+
+    echo "$root"
+    echo "$corpus_dir"
+    echo "$artifacts_dir"
+
+    shopt -s nullglob
+
+    local corpus_files=("$corpus_dir"/*)
+    if ((${#corpus_files[@]})); then
+        zip -j "$output_corpus" "${corpus_files[@]}"
+    fi
+
+    if [[ -d "$artifacts_dir" ]]; then
+        local artifact_files=("$artifacts_dir"/*)
+        if ((${#artifact_files[@]})); then
+            # A second zip invocation updates duplicate basenames instead of aborting.
+            zip -j "$output_corpus" "${artifact_files[@]}"
+        fi
+    fi
+}
diff --git a/gix-actor/fuzz/fuzz_targets/actors_corpus_builder.sh b/gix-actor/fuzz/fuzz_targets/actors_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-actor" "actors"
diff --git a/gix-bitmap/fuzz/README.md b/gix-bitmap/fuzz/README.md
@@ -0,0 +1,25 @@
+# Fuzz Testing
+
+This directory contains fuzz tests for `gix-bitmap` using [cargo-fuzz](https://rust-fuzz.github.io/book/cargo-fuzz.html).
+
+## Running Fuzz Tests
+
+### Prerequisites
+- Nightly Rust toolchain: `rustup install nightly`
+- cargo-fuzz: `cargo install cargo-fuzz`
+
+### Targets
+- `ewah`: exercises EWAH bitmap decoding.
+
+### Running the target
+```bash
+cargo +nightly fuzz run ewah -- -max_total_time=60
+```
+
+## Artifact Reproducers
+
+The `artifacts/ewah` directory contains minimized reproducer inputs produced by libFuzzer or Google OSS-Fuzz.
+
+The integration test module `fuzzed` reads every regular file in that directory and runs it through the parser under test. This lets `cargo test -p gix-bitmap fuzzed` reproduce known fuzz failures without starting a fuzzing session.
+
+When OSS-Fuzz reports a new failure, place the minimized testcase in `artifacts/ewah`, then run `cargo test -p gix-bitmap fuzzed`. To confirm it against the original harness, run `cargo fuzz run ewah artifacts/ewah/<reproducer>` from this directory.
diff --git a/gix-bitmap/fuzz/fuzz_targets/ewah_corpus_builder.sh b/gix-bitmap/fuzz/fuzz_targets/ewah_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-bitmap" "ewah"
diff --git a/gix-bitmap/tests/bitmap.rs b/gix-bitmap/tests/bitmap.rs
@@ -1,4 +1,12 @@
 mod fuzzed {
+    #[test]
+    fn ewah_artifacts_run_fuzzer() {
+        for path in artifact_paths("ewah") {
+            let data = std::fs::read(path).expect("artifact is readable");
+            let _ = gix_bitmap::ewah::decode(&data);
+        }
+    }
+
     #[test]
     fn runaway_run_length_is_rejected() {
         let (bitmap, rest) = gix_bitmap::ewah::decode(include_bytes!(
@@ -13,4 +21,18 @@ mod fuzzed {
             "impossible run lengths must be rejected instead of iterating unboundedly"
         );
     }
+
+    fn artifact_paths(target: &str) -> Vec<std::path::PathBuf> {
+        std::fs::read_dir(
+            std::path::PathBuf::from(env!("CARGO_MANIFEST_DIR"))
+                .join("fuzz/artifacts")
+                .join(target),
+        )
+        .ok()
+        .into_iter()
+        .flatten()
+        .filter_map(Result::ok)
+        .map(|entry| entry.path())
+        .collect()
+    }
 }
diff --git a/gix-command/fuzz/fuzz_targets/prepare_corpus_builder.sh b/gix-command/fuzz/fuzz_targets/prepare_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-command" "prepare"
diff --git a/gix-config/fuzz/fuzz_targets/fuzz_file_corpus_builder.sh b/gix-config/fuzz/fuzz_targets/fuzz_file_corpus_builder.sh
diff --git a/gix-credentials/fuzz/fuzz_targets/context_corpus_builder.sh b/gix-credentials/fuzz/fuzz_targets/context_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-credentials" "context"
diff --git a/gix-ignore/fuzz/fuzz_targets/ignore_corpus_builder.sh b/gix-ignore/fuzz/fuzz_targets/ignore_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-ignore" "ignore"
diff --git a/gix-index/fuzz/README.md b/gix-index/fuzz/README.md
@@ -15,3 +15,11 @@ This directory contains fuzz tests for `gix-index` using [cargo-fuzz](https://ru
 ```bash
 cargo +nightly fuzz run index_file -- -max_total_time=60
 ```
+
+## Artifact Reproducers
+
+The `artifacts/index_file` directory contains minimized reproducer inputs produced by libFuzzer or Google OSS-Fuzz.
+
+The integration test module `fuzzed` reads every regular file in that directory and runs it through the parser under test. This lets `cargo test -p gix-index-tests fuzzed` reproduce known fuzz failures without starting a fuzzing session.
+
+When OSS-Fuzz reports a new failure, place the minimized testcase in `artifacts/index_file`, then run `cargo test -p gix-index-tests fuzzed`. To confirm it against the original harness, run `cargo fuzz run index_file artifacts/index_file/<reproducer>` from this directory.
diff --git a/gix-index/fuzz/fuzz_targets/index_file_corpus_builder.sh b/gix-index/fuzz/fuzz_targets/index_file_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-index" "index_file"
diff --git a/gix-index/tests/index/fuzzed.rs b/gix-index/tests/index/fuzzed.rs
@@ -1,4 +1,5 @@
 use filetime::FileTime;
+use std::path::PathBuf;
 
 fn decode_fuzzed(data: &[u8]) -> Result<(gix_index::State, Option<gix_hash::ObjectId>), gix_index::decode::Error> {
     gix_index::State::from_bytes(
@@ -9,6 +10,14 @@ fn decode_fuzzed(data: &[u8]) -> Result<(gix_index::State, Option<gix_hash::Obje
     )
 }
 
+#[test]
+fn index_file_artifacts_run_fuzzer() {
+    for path in artifact_paths("index_file") {
+        let data = std::fs::read(path).expect("artifact is readable");
+        let _ = decode_fuzzed(&data);
+    }
+}
+
 #[test]
 fn impossible_v4_entry_count_is_rejected_before_reserving() {
     let err = decode_fuzzed(include_bytes!(
@@ -130,3 +139,17 @@ fn alloc_limit_constructor_rejects_oversized_allocations() {
 
     assert!(matches!(err, gix_index::decode::Error::OutOfMemory), "{err:?}");
 }
+
+fn artifact_paths(target: &str) -> Vec<PathBuf> {
+    let dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"))
+        .join("../fuzz/artifacts")
+        .join(target);
+    let Ok(entries) = std::fs::read_dir(dir) else {
+        return Vec::new();
+    };
+    let mut paths = entries
+        .filter_map(|entry| entry.ok().map(|entry| entry.path()))
+        .collect::<Vec<_>>();
+    paths.sort();
+    paths
+}
diff --git a/gix-mailmap/fuzz/fuzz_targets/mailmap_corpus_builder.sh b/gix-mailmap/fuzz/fuzz_targets/mailmap_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-mailmap" "mailmap"
diff --git a/gix-object/fuzz/fuzz_targets/fuzz_commit_corpus_builder.sh b/gix-object/fuzz/fuzz_targets/fuzz_commit_corpus_builder.sh
diff --git a/gix-object/fuzz/fuzz_targets/fuzz_tag_corpus_builder.sh b/gix-object/fuzz/fuzz_targets/fuzz_tag_corpus_builder.sh
diff --git a/gix-object/fuzz/fuzz_targets/fuzz_tree_corpus_builder.sh b/gix-object/fuzz/fuzz_targets/fuzz_tree_corpus_builder.sh
diff --git a/gix-pack/fuzz/README.md b/gix-pack/fuzz/README.md
@@ -26,3 +26,11 @@ for target in data_file index_file multi_index_file; do
     cargo +nightly fuzz run "$target" -- -max_total_time=60
 done
 ```
+
+## Artifact Reproducers
+
+The `artifacts/<target>` directories contain minimized reproducer inputs produced by libFuzzer or Google OSS-Fuzz.
+
+The integration test module `fuzzed` reads every regular file in the populated artifact directories and runs it through the parser under test. This lets `cargo test -p gix-pack-tests fuzzed` reproduce known fuzz failures without starting a fuzzing session.
+
+When OSS-Fuzz reports a new failure, place the minimized testcase in the matching `artifacts/<target>` directory, then run `cargo test -p gix-pack-tests fuzzed`. To confirm it against the original harness, run `cargo fuzz run <target> artifacts/<target>/<reproducer>` from this directory.
diff --git a/gix-pack/fuzz/fuzz_targets/data_file_corpus_builder.sh b/gix-pack/fuzz/fuzz_targets/data_file_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-pack" "data_file"
diff --git a/gix-pack/fuzz/fuzz_targets/index_file_corpus_builder.sh b/gix-pack/fuzz/fuzz_targets/index_file_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-pack" "index_file"
diff --git a/gix-pack/fuzz/fuzz_targets/multi_index_file_corpus_builder.sh b/gix-pack/fuzz/fuzz_targets/multi_index_file_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-pack" "multi_index_file"
diff --git a/gix-pack/tests/pack/mod.rs b/gix-pack/tests/pack/mod.rs
@@ -44,7 +44,7 @@ pub(crate) fn fuzz_artifact_paths(target: &str) -> Vec<PathBuf> {
             .join(target),
     )
     .expect("artifact directory exists")
-    .filter_map(|entry| entry.ok().map(|entry| entry.path()).filter(|path| path.is_file()))
+    .filter_map(|entry| entry.ok().map(|entry| entry.path()))
     .collect::<Vec<_>>();
     paths.sort();
     paths
diff --git a/gix-packetline/fuzz/fuzz_targets/packet_lines_corpus_builder.sh b/gix-packetline/fuzz/fuzz_targets/packet_lines_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-packetline" "packet_lines"
diff --git a/gix-pathspec/fuzz/fuzz_targets/parse_corpus_builder.sh b/gix-pathspec/fuzz/fuzz_targets/parse_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-pathspec" "parse"
diff --git a/gix-transport/fuzz/fuzz_targets/capabilities_from_bytes_corpus_builder.sh b/gix-transport/fuzz/fuzz_targets/capabilities_from_bytes_corpus_builder.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eux -o pipefail
+
+root="$(readlink -f -- "$1")"
+output_corpus="$2"
+
+source "$root/etc/fuzz-corpus-builder.sh"
+
+build_fuzz_corpus "$root" "$output_corpus" "gix-transport" "capabilities_from_bytes"
diff --git a/gix-transport/fuzz/fuzz_targets/capabilities_from_lines_corpus_builder.sh b/gix-transport/fuzz/fuzz_targets/capabilities_from_lines_corpus_builder.sh
diff --git a/gix-transport/fuzz/fuzz_targets/capabilities_handshake_corpus_builder.sh b/gix-transport/fuzz/fuzz_targets/capabilities_handshake_corpus_builder.sh
