Merge pull request #312 from PsiACE/main

Add fuzzer based on honggfuzz

docs/fuzzing.md

@@ -0,0 +1,38 @@
+# Fuzzing
+
+## Installing `honggfuzz`
+
+```
+cargo install honggfuzz
+```
+
+Install [dependencies](https://github.com/rust-fuzz/honggfuzz-rs#dependencies) for your system.
+
+## Running the fuzzer
+
+Running the fuzzer is as easy as running in the `fuzz` directory.
+
+Choose a target:
+
+These are `[[bin]]` entries in `Cargo.toml`.
+List them with `cargo read-manifest | jq '.targets[].name'` from the `fuzz` directory.
+
+Run the fuzzer:
+
+```shell
+cd fuzz
+cargo hfuzz run <target>
+```
+
+After a panic is found, get a stack trace with:
+
+```shell
+cargo hfuzz run-debug <target> hfuzz_workspace/<target>/*.fuzz
+```
+
+For example, with the `fuzz_parse_sql` target:
+
+```shell
+cargo hfuzz run fuzz_parse_sql
+cargo hfuzz run-debug fuzz_parse_sql hfuzz_workspace/fuzz_parse_sql/*.fuzz
+```

fuzz/.gitignore

@@ -0,0 +1,3 @@
+corpus
+hfuzz_target
+hfuzz_workspace

fuzz/Cargo.toml

@@ -0,0 +1,17 @@
+[package]
+name = "fuzz"
+version = "0.1.0"
+edition = "2018"
+publish = false
+
+[dependencies]
+honggfuzz = "0.5.54"
+sqlparser = { path = ".." }
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "fuzz_parse_sql"
+path = "fuzz_targets/fuzz_parse_sql.rs"

fuzz/fuzz_targets/fuzz_parse_sql.rs

@@ -0,0 +1,12 @@
+use honggfuzz::fuzz;
+use sqlparser::dialect::GenericDialect;
+use sqlparser::parser::Parser;
+
+fn main() {
+    loop {
+        fuzz!(|data: String| {
+            let dialect = GenericDialect {};
+            let _ = Parser::parse_sql(&dialect, &data);
+        });
+    }
+}