From 6b148d35744c21db145769a966a3016ae1e1e087 Mon Sep 17 00:00:00 2001
From: Book Moons <35854232+bookmoons@users.noreply.github.com>
Date: Thu, 29 Aug 2019 01:15:04 -0400
Subject: [PATCH] Define fuzz targets

---
 server/server_fuzz.go | 128 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 server/server_fuzz.go

diff --git a/server/server_fuzz.go b/server/server_fuzz.go
new file mode 100644
index 0000000..b97ea88
--- /dev/null
+++ b/server/server_fuzz.go
@@ -0,0 +1,128 @@
+// +build gofuzz
+
+package server
+
+import (
+	"crypto/tls"
+	"io/ioutil"
+	"net"
+	"strings"
+)
+
+// FuzzProfile tests the profile server.
+func FuzzProfile(fuzz []byte) int {
+	if len(fuzz) == 0 {
+		return -1
+	}
+	server, err := New(EnableProfiler())
+	if err != nil {
+		panic(err.Error())
+	}
+	server.Run()
+	defer server.profileListener.Close()
+	defer server.httpListener.Close()
+	address := server.profileListener.Addr
+	connection, err := net.Dial("tcp", address)
+	if err != nil {
+		panic(err.Error())
+	}
+	_, err = connection.Write(fuzz)
+	if err != nil {
+		return 0
+	}
+	response, err := ioutil.ReadAll(connection)
+	if err != nil {
+		return 0
+	}
+	err = connection.Close()
+	if err != nil {
+		return 0
+	}
+	fields := strings.Fields(string(response))
+	if len(fields) < 2 {
+		panic("invalid HTTP response")
+	}
+	code := fields[1]
+	if code == "500" {
+		panic("server panicked")
+	}
+	return 1
+}
+
+// FuzzHTTP tests the HTTP server.
+func FuzzHTTP(fuzz []byte) int {
+	if len(fuzz) == 0 {
+		return -1
+	}
+	server, err := New(Listener("localhost"))
+	if err != nil {
+		panic(err.Error())
+	}
+	server.Run()
+	defer server.httpListener.Close()
+	address := server.httpListener.Addr
+	connection, err := net.Dial("tcp", address)
+	if err != nil {
+		panic(err.Error())
+	}
+	_, err = connection.Write(fuzz)
+	if err != nil {
+		return 0
+	}
+	response, err := ioutil.ReadAll(connection)
+	if err != nil {
+		return 0
+	}
+	err = connection.Close()
+	if err != nil {
+		return 0
+	}
+	fields := strings.Fields(string(response))
+	if len(fields) < 2 {
+		panic("invalid HTTP response")
+	}
+	code := fields[1]
+	if code == "500" {
+		panic("server panicked")
+	}
+	return 1
+}
+
+// FuzzHTTPS tests the HTTPS server.
+func FuzzHTTPS(fuzz []byte) int {
+	if len(fuzz) == 0 {
+		return -1
+	}
+	server, err := New(TLSListener("localhost", true))
+	if err != nil {
+		panic(err.Error())
+	}
+	server.Run()
+	defer server.httpsListener.Close()
+	address := server.httpsListener.Addr
+	connection, err := tls.Dial("tcp", address, nil)
+	if err != nil {
+		panic(err.Error())
+	}
+	_, err = connection.Write(fuzz)
+	if err != nil {
+		return 0
+	}
+	response, err := ioutil.ReadAll(connection)
+	if err != nil {
+		return 0
+	}
+	err = connection.Close()
+	if err != nil {
+		return 0
+	}
+	fields := strings.Fields(string(response))
+	if len(fields) < 2 {
+		panic("invalid HTTP response")
+	}
+	code := fields[1]
+	if code == "500" {
+		panic("server panicked")
+	}
+	return 1
+}