From 9ef6d3edb39cc0ddaab5b11b300925f93f2e59d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20L=C3=B3pez?= <00xc@protonmail.com>
Date: Wed, 24 May 2023 21:29:48 +0200
Subject: [PATCH] Add more `cargo-fuzz` targets (#143)

* cargo-fuzz: add new target to parse responses

Add a new cargo-fuzz target to test the Response parsing code.

* cargo-fuzz: add new targets with relaxed multiple space options

Add two new targets to fuzz parsing requests and responses with
multiple spaces enabled via ParserConfig.
---
 fuzz/Cargo.toml                                | 18 ++++++++++++++++++
 fuzz/fuzz_targets/parse_request_multspaces.rs  | 11 +++++++++++
 fuzz/fuzz_targets/parse_response.rs            |  8 ++++++++
 fuzz/fuzz_targets/parse_response_multspaces.rs | 11 +++++++++++
 4 files changed, 48 insertions(+)
 create mode 100644 fuzz/fuzz_targets/parse_request_multspaces.rs
 create mode 100644 fuzz/fuzz_targets/parse_response.rs
 create mode 100644 fuzz/fuzz_targets/parse_response_multspaces.rs

diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
index 8e78ef8..4587f8d 100644
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -36,3 +36,21 @@ name = "parse_headers"
 path = "fuzz_targets/parse_headers.rs"
 test = false
 doc = false
+
+[[bin]]
+name = "parse_response"
+path = "fuzz_targets/parse_response.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "parse_response_multspaces"
+path = "fuzz_targets/parse_response_multspaces.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "parse_request_multspaces"
+path = "fuzz_targets/parse_request_multspaces.rs"
+test = false
+doc = false
diff --git a/fuzz/fuzz_targets/parse_request_multspaces.rs b/fuzz/fuzz_targets/parse_request_multspaces.rs
new file mode 100644
index 0000000..dfa8395
--- /dev/null
+++ b/fuzz/fuzz_targets/parse_request_multspaces.rs
@@ -0,0 +1,11 @@
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    let mut headers = [httparse::EMPTY_HEADER; 16];
+    let mut resp = httparse::Request::new(&mut headers);
+    let _ = httparse::ParserConfig::default()
+        .allow_multiple_spaces_in_request_line_delimiters(true)
+        .parse_request(&mut resp, data);
+});
diff --git a/fuzz/fuzz_targets/parse_response.rs b/fuzz/fuzz_targets/parse_response.rs
new file mode 100644
index 0000000..757723f
--- /dev/null
+++ b/fuzz/fuzz_targets/parse_response.rs
@@ -0,0 +1,8 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    let mut headers = [httparse::EMPTY_HEADER; 16];
+    let mut resp = httparse::Response::new(&mut headers);
+    let _ = resp.parse(data);
+});
diff --git a/fuzz/fuzz_targets/parse_response_multspaces.rs b/fuzz/fuzz_targets/parse_response_multspaces.rs
new file mode 100644
index 0000000..ceba2f4
--- /dev/null
+++ b/fuzz/fuzz_targets/parse_response_multspaces.rs
@@ -0,0 +1,11 @@
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    let mut headers = [httparse::EMPTY_HEADER; 16];
+    let mut resp = httparse::Response::new(&mut headers);
+    let _ = httparse::ParserConfig::default()
+        .allow_multiple_spaces_in_response_status_delimiters(true)
+        .parse_response(&mut resp, data);
+});