fuzzing: Add uri_parser setup

[Teufelchen1]

Hello!

Contribution description

This PR is a replacement for PR #18802

In this contribution:

• The variable AFL_FLAGS is renamed to FLAGS_FOR_AFL because AFL is always complaining that AFL_FLAGS is not a valid env var for it. While this is not a bug nor an issue, I found it to be annoying.
• A generic input reader is added to simplify building a test harness
• The usage of this reader is demonstrated by adding a harness for fuzzing the uri_parser

(needs squashing after review)

Testing procedure

Go to fuzzing/uri_parser and run make all-asan and make fuzz to get some action going.
Also mildly interesting: ./dist/tools/compile_test/compile_like_murdock.py -b native -a fuzzing/uri_parser

Issues/PRs references

The original PR #18802 is replaced because the generic input reader is present in both PRs but this PoC harness is much simpler.

[Teufelchen1]

This change was done due to gnrc_ipv6 being mandatory (for all harness types) at the moment because sys/fuzzing/ needs refactoring. :)

[nmeum]

Apart from the minor inline comments I created above this looks good to me 👍

I also prefer this over #18802.

Great work! 🤗

[nmeum]

Could you elaborate why renaming the environment variable is necessary?

[Teufelchen1]

Sure!

If you try to compile using AFL++ (instead of the old AFL) you will encounter this warning:

[!] WARNING: Mistyped AFL environment variable: AFL_FLAGS=
"make" -C RIOT/core/lib
Did you mean AFL_AS?
Did you mean AFL_CC?

This was introduced in Version ++3.10c of AFL++:
printing suggestions for mistyped AFL_ env variables
Check the changelog of AFL++ here.

I am aware that RIOTs fuzzing documentation states to use the old AFL 2.52b - where this warning isn't present. However, AFL is no longer maintained. Tho, we should move on towards AFL++. So far all my fuzzing with AFL++ is without issues and the backwards compatibility is nice. This warning being the only issue.

Edit:
Just realised: This can be turned of by setting AFL_IGNORE_UNKNOWN_ENVS.
I believe changing our name is the better approach as this way we still get hints if we do have typo in some of the AFL envs.

[nmeum]

Moving to AFL++ is definitely a good idea! Maybe it also makes sense to update the documentation in this regard. However, I also wouldn't mind doing that in a separate merge request.

[nmeum]

For the uri_parser you might also be able to just use NATIVE_AUTO_EXIT but explicitly calling exit is of cause also fine.

[Teufelchen1]

Why would one prefer one over the other?

[nmeum]

It might be worthwhile to refactor fuzzing_read_packet using this new function so we don't need to maintain two functions which read all input from stdin in the fuzzing module.

[Teufelchen1]

I updated the PR accordingly. Please review the change :)

[nmeum]

I think in an ideal word fuzzing_read_bytes would write directly to the pktbuf instead of requiring the memcpy but since this is execute on native only anyhow I believe this to be good enough 👍

[nmeum]

LGTM! 🎉

[benpicco]

@nmeum are you sure you don't want to have maintainer capabilities? 😉

proxy-ACK

[riot-ci]

Murdock results

✔️ PASSED

82f44c5 fuzzing: Add uri_parser fuzzer setup

Success	Failures	Total	Runtime
6782	0	6782	14m:03s

Artifacts

• Documentation preview

[benpicco]

bors merge

[bors]

Build succeeded:

• Murdock
• static-tests
• tools-build-success