aboutsummaryrefslogtreecommitdiff
path: root/tests/image-fuzzer/qcow2
AgeCommit message (Collapse)Author
2014-09-22layout: Add generators for refcount table and blocksMaria Kustova
Refcount structures are placed in clusters randomly selected from all unallocated host clusters. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Maria Kustova <maria.k@catit.be> Reviewed-by: Fam Zheng <famz@redhat.com> Message-id: 7e2f38608db6fba2da53997390b19400d445c45d.1408450493.git.maria.k@catit.be Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-22fuzz: Add fuzzing functions for entries of refcount table and blocksMaria Kustova
Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Maria Kustova <maria.k@catit.be> Message-id: c9f4027b6f401c67e9d18f94aed29be445e81d48.1408450493.git.maria.k@catit.be Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-22image-fuzzer: Trivial readability and formatting improvementsMaria Kustova
Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Reduce number of generator functions in __init__Maria Kustova
Some issues can be found only when a fuzzed image has a partial structure, e.g. has L1/L2 tables but no refcount ones. Generation of an entirely defined image limits these cases. Now the Image constructor creates only a header and a backing file name (if any), other image elements are generated in the 'create_image' API. Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Add generators of L1/L2 tablesMaria Kustova
Entries in L1/L2 entries are based on a portion of random guest clusters. L2 entries contain offsets to host image clusters filled with random data. Clusters for L1/L2 tables and guest data are selected randomly. Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Add fuzzing functions for L1/L2 table entriesMaria Kustova
Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Public API for image-fuzzer/runner/runner.pyMaria Kustova
__init__.py provides the public API required by the test runner Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Generator of fuzzed qcow2 imagesMaria Kustova
The layout submodule of the qcow2 package creates a random valid image, randomly selects some amount of its fields, fuzzes them and write the fuzzed image to the file. Fuzzing process can be controlled by an external configuration. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15image-fuzzer: Fuzzing functions for qcow2 imagesMaria Kustova
The fuzz submodule of the qcow2 image generator contains fuzzing functions for image fields. Each fuzzing function contains a list of constraints and a call of a helper function that randomly selects a fuzzed value satisfied to one of constraints. For now constraints include only known as invalid or potentially dangerous values. But after investigation of code coverage by fuzz tests they will be expanded by heuristic values based on inner checks and flows of a program under test. Now fuzzing of a header, header extensions and a backing file name is supported. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Maria Kustova <maria.k@catit.be> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
generated by cgit v1.2.3 (git 2.26.2) at 2025-01-20 11:49:01 +0000