Skip to content

Update fuzzer parser dict for property hooks words #14958

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 14, 2024
Merged

Update fuzzer parser dict for property hooks words #14958

merged 1 commit into from
Jul 14, 2024

Conversation

jorgsowa
Copy link
Contributor

  • adds two words to fuzzer parser dict coming from property hooks feature set and get
  • removes redundant unset word

nielsdos
nielsdos approved these changes Jul 14, 2024
View reviewed changes
Copy link
Member

@nielsdos nielsdos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@iluuu1994
Copy link
Member

I don't know what this dictionary is needed for, but get and set are not keywords with the hooks rfc.

@nielsdos
Copy link
Member

I don't know what this dictionary is needed for, but get and set are not keywords with the hooks rfc.

A fuzzer can mutate an input corpus randomly, but that's not very efficient to hit new code paths when testing certain features. So fuzzers are often given a dictionary of interesting keywords (well, they don't have to be _key_words, just syntactic elements suffices) that can hit new code paths.

@iluuu1994
Copy link
Member

Do we then need to provide a new input corpus with hooks to effectively fuzz hooks?

@jorgsowa
Copy link
Contributor Author

Thanks @nielsdos for the explanation. Parser fuzzer is used by OSS-fuzz, so it helps to generate more precise code paths for the master branch.

@jorgsowa
Copy link
Contributor Author

Do we then need to provide a new input corpus with hooks to effectively fuzz hooks?

No, it gets the corpus automatically from the tests located in the Zend/tests directory.
https://github.com/php/php-src/blob/master/sapi/fuzzer/generate_parser_corpus.php

@nielsdos
Copy link
Member

Do we then need to provide a new input corpus with hooks to effectively fuzz hooks?

What jorg says is true, it comes from phpt files. Which is also the reason that we have found variants of issues in the past shortly after the fix for an issue was committed.

@iluuu1994
Copy link
Member

Great! Thanks for the explanation

@nielsdos nielsdos merged commit 85b7181 into php:master Jul 14, 2024
11 checks passed
@jorgsowa jorgsowa deleted the property_hooks_update_fuzzer_dict branch August 7, 2024 22:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devnexen devnexen devnexen approved these changes

@nielsdos nielsdos nielsdos approved these changes

Assignees
No one assigned
Labels
SAPI: fuzzer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jorgsowa @iluuu1994 @nielsdos @devnexen