types: add fuzzers

Signed-off-by: AdamKorcz <adam@adalogics.com>

pkg/types/helm/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package helm
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzHelmCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

pkg/types/intoto/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package intoto
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzIntotoCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

pkg/types/rekord/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rekord
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzRekordCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

pkg/types/rfc3161/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rfc3161
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzRfc3161CreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

pkg/types/rpm/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rpm
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzRpmCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

pkg/types/tuf/fuzz_test.go

@@ -0,0 +1,35 @@
+//
+// Copyright 2022 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tuf
+
+import (
+	"context"
+	"testing"
+
+	fuzz "github.com/AdaLogics/go-fuzz-headers"
+
+	"github.com/sigstore/rekor/pkg/types"
+)
+
+func FuzzTufCreateProposedEntry(f *testing.F) {
+	f.Fuzz(func(t *testing.T, version string, propsData []byte) {
+		ff := fuzz.NewConsumer(propsData)
+		props := types.ArtifactProperties{}
+		ff.GenerateStruct(&props)
+		it := New()
+		_, _ = it.CreateProposedEntry(context.Background(), version, props)
+	})
+}

tests/oss_fuzz.sh

@@ -27,3 +27,9 @@ compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateUUID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateTreeID FuzzValidateTreeID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/sharding FuzzValidateEntryID FuzzValidateEntryID
 compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/alpine FuzzPackageUnmarshal FuzzPackageUnmarshal
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/intoto FuzzIntotoCreateProposedEntry FuzzIntotoCreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/tuf FuzzTufCreateProposedEntry FuzzTufCreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rfc3161 FuzzRfc3161CreateProposedEntry FuzzRfc3161CreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rpm FuzzRpmCreateProposedEntry FuzzRpmCreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/helm FuzzHelmCreateProposedEntry FuzzHelmCreateProposedEntry
+compile_native_go_fuzzer github.com/sigstore/rekor/pkg/types/rekord FuzzRekordCreateProposedEntry FuzzRekordCreateProposedEntry