Initial commit of a fuzzer. Run with "cargo fuzz run simple_instantia…

…te". Used to discover issue wasmerio#558. We'll probably want to reconsider the default .gitignore of the artifacts and corpus directories. The fuzzer wastes a lot of time not having even a single exampel of a valid .wasm file to start with.
meskill · Jul 14, 2019 · 5c0ede0 · 5c0ede0
1 parent 13abdfe
commit 5c0ede0
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 0 deletions.
diff --git a/fuzz/.gitignore b/fuzz/.gitignore
@@ -0,0 +1,4 @@
+
+target
+corpus
+artifacts
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -0,0 +1,21 @@
+
+[package]
+name = "wasmer-fuzz"
+version = "0.0.1"
+authors = ["Automatically generated"]
+publish = false
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+wasmer-runtime = { path = "../lib/runtime" }
+libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git" }
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "simple_instantiate"
+path = "fuzz_targets/simple_instantiate.rs"
diff --git a/fuzz/fuzz_targets/simple_instantiate.rs b/fuzz/fuzz_targets/simple_instantiate.rs
@@ -0,0 +1,13 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate wasmer_runtime;
+
+use wasmer_runtime::{
+    instantiate,
+    imports,
+};
+
+fuzz_target!(|data: &[u8]| {
+    let import_object = imports! {};
+    instantiate(data, &import_object);
+});