[linkerd2] Add more fuzzers (#6917)

6 files changed, 230 insertions, 2 deletions

diff --git a/projects/linkerd2/Dockerfile b/projects/linkerd2/Dockerfile
index a6cf8501..e90d2998 100644
--- a/projects/linkerd2/Dockerfile
+++ b/projects/linkerd2/Dockerfile
@@ -16,5 +16,10 @@
 
 FROM gcr.io/oss-fuzz-base/base-builder-go
 RUN git clone --depth 1 https://github.com/linkerd/linkerd2
-COPY build.sh fuzzers.go $SRC/
+COPY build.sh \
+     fuzzers.go \
+     inject_fuzzer.go \
+     identity_fuzzer.go \
+     destination_fuzzer.go \
+     healthcheck_fuzzer.go $SRC/
 WORKDIR $SRC/linkerd2
diff --git a/projects/linkerd2/build.sh b/projects/linkerd2/build.sh
index 160c0d3c..94956872 100644
--- a/projects/linkerd2/build.sh
+++ b/projects/linkerd2/build.sh
@@ -1,5 +1,5 @@
 #!/bin/bash -eu
-# Copyright 2020 Google LLC.
+# Copyright 2021 Google LLC.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,10 +15,28 @@
 #
 ################################################################################
 
+
 mkdir $SRC/linkerd2/test/fuzzing
 
 mv $SRC/fuzzers.go $SRC/linkerd2/test/fuzzing/
+mv $SRC/inject_fuzzer.go $SRC/linkerd2/pkg/inject/
+mv $SRC/destination_fuzzer.go $SRC/linkerd2/controller/api/destination/
+mv $SRC/linkerd2/controller/api/destination/endpoint_translator_test.go \
+   $SRC/linkerd2/controller/api/destination/endpoint_translator_fuzz.go
+mv $SRC/linkerd2/controller/api/destination/server_test.go \
+   $SRC/linkerd2/controller/api/destination/server_fuzz.go
+mv $SRC/healthcheck_fuzzer.go $SRC/linkerd2/pkg/healthcheck/
+mv $SRC/identity_fuzzer.go $SRC/linkerd2/pkg/identity/
+mv $SRC/linkerd2/pkg/identity/service_test.go \
+   $SRC/linkerd2/pkg/identity/service_fuzz.go
 
+compile_go_fuzzer github.com/linkerd/linkerd2/controller/api/destination FuzzAdd FuzzAdd
+compile_go_fuzzer github.com/linkerd/linkerd2/controller/api/destination FuzzGetProfile FuzzGetProfile
+compile_go_fuzzer github.com/linkerd/linkerd2/controller/api/destination FuzzProfileTranslatorUpdate FuzzProfileTranslatorUpdate
+compile_go_fuzzer github.com/linkerd/linkerd2/controller/api/destination FuzzUpdateTrafficSplit FuzzUpdateTrafficSplit
+compile_go_fuzzer github.com/linkerd/linkerd2/pkg/healthcheck FuzzFetchCurrentConfiguration FuzzFetchCurrentConfiguration
+compile_go_fuzzer github.com/linkerd/linkerd2/pkg/inject FuzzParseMetaAndYAML FuzzParseMetaAndYAML
+compile_go_fuzzer github.com/linkerd/linkerd2/pkg/identity FuzzServiceCertify FuzzServiceCertify
 compile_go_fuzzer github.com/linkerd/linkerd2/test/fuzzing FuzzParseContainerOpaquePorts FuzzParseContainerOpaquePorts
 compile_go_fuzzer github.com/linkerd/linkerd2/test/fuzzing FuzzParsePorts FuzzParsePorts
 compile_go_fuzzer github.com/linkerd/linkerd2/test/fuzzing FuzzHealthCheck FuzzHealthCheck
diff --git a/projects/linkerd2/destination_fuzzer.go b/projects/linkerd2/destination_fuzzer.go
new file mode 100644
index 00000000..b143b95e
--- /dev/null
+++ b/projects/linkerd2/destination_fuzzer.go
@@ -0,0 +1,96 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package destination
+
+import (
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+	pb "github.com/linkerd/linkerd2-proxy-api/go/destination"
+	"github.com/linkerd/linkerd2/controller/api/destination/watcher"
+	"github.com/linkerd/linkerd2/controller/api/util"
+	sp "github.com/linkerd/linkerd2/controller/gen/apis/serviceprofile/v1alpha2"
+	ts "github.com/servicemeshinterface/smi-sdk-go/pkg/apis/split/v1alpha1"
+	logging "github.com/sirupsen/logrus"
+)
+
+func init() {
+	testing.Init()
+}
+
+func FuzzAdd(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	set := watcher.AddressSet{}
+	err := f.GenerateStruct(&set)
+	if err != nil {
+		return 0
+	}
+	t := &testing.T{}
+	_, translator := makeEndpointTranslator(t)
+	translator.Add(set)
+	translator.Remove(set)
+	return 1
+}
+
+func FuzzGetProfile(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	dest := &pb.GetDestination{}
+	err := f.GenerateStruct(dest)
+	if err != nil {
+		return 0
+	}
+	t := &testing.T{}
+	server := makeServer(t)
+	stream := &bufferingGetProfileStream{
+		updates:          []*pb.DestinationProfile{},
+		MockServerStream: util.NewMockServerStream(),
+	}
+	stream.Cancel()
+	_ = server.GetProfile(dest, stream)
+	return 1
+}
+
+func FuzzProfileTranslatorUpdate(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	profile := &sp.ServiceProfile{}
+	err := f.GenerateStruct(profile)
+	if err != nil {
+		return 0
+	}
+	t := &testing.T{}
+	mockGetProfileServer := &mockDestinationGetProfileServer{profilesReceived: []*pb.DestinationProfile{}}
+
+	translator := &profileTranslator{
+		stream: mockGetProfileServer,
+		log:    logging.WithField("test", t.Name()),
+	}
+	translator.Update(profile)
+	return 1
+}
+
+func FuzzUpdateTrafficSplit(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	split := &ts.TrafficSplit{}
+	err := f.GenerateStruct(split)
+	if err != nil {
+		return 0
+	}
+	listener := watcher.NewBufferingProfileListener()
+	adaptor := newTrafficSplitAdaptor(listener, watcher.ServiceID{Name: "foo", Namespace: "ns"}, watcher.Port(80), "cluster.local")
+
+	adaptor.UpdateTrafficSplit(split)
+	return 1
+}
diff --git a/projects/linkerd2/healthcheck_fuzzer.go b/projects/linkerd2/healthcheck_fuzzer.go
new file mode 100644
index 00000000..1f47fc39
--- /dev/null
+++ b/projects/linkerd2/healthcheck_fuzzer.go
@@ -0,0 +1,31 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package healthcheck
+
+import (
+	"context"
+	"github.com/linkerd/linkerd2/pkg/k8s"
+)
+
+func FuzzFetchCurrentConfiguration(data []byte) int {
+	clientset, err := k8s.NewFakeAPI(string(data))
+	if err != nil {
+		return 0
+	}
+
+	_, _, _ = FetchCurrentConfiguration(context.Background(), clientset, "linkerd")
+	return 1
+}
diff --git a/projects/linkerd2/identity_fuzzer.go b/projects/linkerd2/identity_fuzzer.go
new file mode 100644
index 00000000..d83620bd
--- /dev/null
+++ b/projects/linkerd2/identity_fuzzer.go
@@ -0,0 +1,39 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package identity
+
+import (
+	"context"
+	pb "github.com/linkerd/linkerd2-proxy-api/go/identity"
+	"github.com/linkerd/linkerd2/pkg/tls"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+)
+
+func FuzzServiceCertify(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	req := &pb.CertifyRequest{}
+	err := f.GenerateStruct(req)
+	if err != nil {
+		return 0
+	}
+
+	svc := NewService(&fakeValidator{"successful-result", nil}, nil, nil, nil, "", "", "")
+	svc.updateIssuer(&fakeIssuer{tls.Crt{}, nil})
+
+	_, _ = svc.Certify(context.Background(), req)
+	return 1
+}
diff --git a/projects/linkerd2/inject_fuzzer.go b/projects/linkerd2/inject_fuzzer.go
new file mode 100644
index 00000000..6f96b85f
--- /dev/null
+++ b/projects/linkerd2/inject_fuzzer.go
@@ -0,0 +1,39 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package inject
+
+import (
+	l5dcharts "github.com/linkerd/linkerd2/pkg/charts/linkerd2"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+)
+
+func FuzzParseMetaAndYAML(data []byte) int {
+	f := fuzz.NewConsumer(data)
+	yamlBytes, err := f.GetBytes()
+	if err != nil {
+		return 0
+	}
+
+	v := &l5dcharts.Values{}
+	err = f.GenerateStruct(v)
+	if err != nil {
+		return 0
+	}
+	resourceConfig := NewResourceConfig(v, OriginUnknown)
+	_, _ = resourceConfig.ParseMetaAndYAML(yamlBytes)
+	return 1
+}