Add gix-config-value fuzzer #1225

Merged
merged 3 commits into from
Jan 1, 2024


nathaniel-brough
Contributor

  • Add fuzzer
  • Add associated dict

@nathaniel-brough
Contributor Author

This one triggers a bug.
crash-96c228b3c036a5d88d9c668cbabffb421db2981c.txt

Repro

cargo +nightly fuzz run fuzz_value <path-to-downloaded>/crash-96c228b3c036a5d88d9c668cbabffb421db2981c.txt

Stack trace

thread '<unnamed>' panicked at /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/src/color.rs:209:42:
byte index 2 is not a char boundary; it is inside 'ȩ' (bytes 1..3) of `=ȩ=ȩ`
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
==82755== ERROR: libFuzzer: deadly signal
    #0 0x559e3ab5b541 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
    #1 0x559e3af1bfe9 in fuzzer::PrintStackTrace() /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerUtil.cpp:210:38
    #2 0x559e3af073b5 in fuzzer::Fuzzer::CrashCallback() /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerLoop.cpp:233:18
    #3 0x559e3af073b5 in fuzzer::Fuzzer::CrashCallback() /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerLoop.cpp:228:6
    #4 0x7fa839b50d9f  (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x38d9f) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #5 0x7fa839b9fb1b in __pthread_kill_implementation (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x87b1b) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #6 0x7fa839b50cf5 in raise (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x38cf5) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #7 0x7fa839b3a8b9 in abort (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x228b9) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #8 0x559e3afcc5c6 in std::sys::unix::abort_internal::ha418c32fac60a652 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/sys/unix/mod.rs:376:14
    #9 0x559e3aab1cc6 in std::process::abort::h6a00468c32a1427b /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/process.rs:2279:5
    #10 0x559e3af015f4 in libfuzzer_sys::initialize::_$u7b$$u7b$closure$u7d$$u7d$::h7c95ea808816e5a5 /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/src/lib.rs:91:9
    #11 0x559e3afc1127 in _$LT$alloc..boxed..Box$LT$F$C$A$GT$$u20$as$u20$core..ops..function..Fn$LT$Args$GT$$GT$::call::h87663a6d98510044 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/alloc/src/boxed.rs:2021:9
    #12 0x559e3afc1127 in std::panicking::rust_panic_with_hook::ha7e08626b0c00268 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panicking.rs:783:13
    #13 0x559e3afc0e7d in std::panicking::begin_panic_handler::_$u7b$$u7b$closure$u7d$$u7d$::he2070c4c8dc35d96 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panicking.rs:657:13
    #14 0x559e3afbe4a5 in std::sys_common::backtrace::__rust_end_short_backtrace::hf3eed1192776806e /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/sys_common/backtrace.rs:170:18
    #15 0x559e3afc0be1 in rust_begin_unwind /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panicking.rs:645:5
    #16 0x559e3aab5504 in core::panicking::panic_fmt::h90e9c7fdd5c87d9c /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/panicking.rs:72:14
    #17 0x559e3b012f1a in core::str::slice_error_fail_rt::h3439f4daf72ef640 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/str/mod.rs
    #18 0x559e3aab5e06 in core::str::slice_error_fail::hc87caabcc92f7374 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/str/mod.rs:88:9
    #19 0x559e3abe0192 in core::str::traits::_$LT$impl$u20$core..slice..index..SliceIndex$LT$str$GT$$u20$for$u20$core..ops..range..RangeTo$LT$usize$GT$$GT$::index::h2f93a2be46ad3f28 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/str/traits.rs:361:21
    #20 0x559e3abe0192 in core::str::traits::_$LT$impl$u20$core..ops..index..Index$LT$I$GT$$u20$for$u20$str$GT$::index::h2836939956756047 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/str/traits.rs:61:15
    #21 0x559e3abe0192 in _$LT$gix_config_value..color..Name$u20$as$u20$core..str..traits..FromStr$GT$::from_str::h46e01f28f067c506 /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/src/color.rs:209:42
    #22 0x559e3abd89d1 in gix_config_value::color::_$LT$impl$u20$core..convert..TryFrom$LT$$RF$bstr..bstr..BStr$GT$$u20$for$u20$gix_config_value..types..Color$GT$::try_from::_$u7b$$u7b$closure$u7d$$u7d$::ha20c6a0a364b8ef9 /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/src/color.rs:57:17
    #23 0x559e3abd89d1 in core::ops::function::impls::_$LT$impl$u20$core..ops..function..FnMut$LT$A$GT$$u20$for$u20$$RF$mut$u20$F$GT$::call_mut::hfa1cb05ebff22ab1 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/ops/function.rs:294:13
    #24 0x559e3abd89d1 in core::iter::traits::iterator::Iterator::find_map::check::_$u7b$$u7b$closure$u7d$$u7d$::hf6f591eb6b9224eb /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/iter/traits/iterator.rs:2958:32
    #25 0x559e3abd89d1 in core::iter::traits::iterator::Iterator::try_fold::h73b6487b6a758778 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/iter/traits/iterator.rs:2462:21
    #26 0x559e3abd89d1 in core::iter::traits::iterator::Iterator::find_map::heab4239e55be5c5c /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/iter/traits/iterator.rs:2964:9
    #27 0x559e3abd89d1 in _$LT$core..iter..adapters..filter_map..FilterMap$LT$I$C$F$GT$$u20$as$u20$core..iter..traits..iterator..Iterator$GT$::next::h35458693eca00ffa /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/core/src/iter/adapters/filter_map.rs:62:9
    #28 0x559e3abd89d1 in gix_config_value::color::_$LT$impl$u20$core..convert..TryFrom$LT$$RF$bstr..bstr..BStr$GT$$u20$for$u20$gix_config_value..types..Color$GT$::try_from::hc78763581f557640 /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/src/color.rs:66:21
    #29 0x559e3aba32a5 in fuzz_value::fuzz::h35248d44125b13d2 /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/fuzz/fuzz_targets/fuzz_value.rs:30:19
    #30 0x559e3aba9c14 in fuzz_value::_::__libfuzzer_sys_run::hcab6a8702b17c884 /home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/fuzz/fuzz_targets/fuzz_value.rs:48:21
    #31 0x559e3aba87e0 in rust_fuzzer_test_input /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/src/lib.rs:297:60
    #32 0x559e3aefbef8 in libfuzzer_sys::test_input_wrap::_$u7b$$u7b$closure$u7d$$u7d$::hadf10b30089ae219 /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/src/lib.rs:61:9
    #33 0x559e3aefbef8 in std::panicking::try::do_call::h71c1b7b5199748f3 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panicking.rs:552:40
    #34 0x559e3af01817 in __rust_try (/home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_value+0x690817)
    #35 0x559e3af008c1 in std::panicking::try::hbefb4fb79aecb830 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panicking.rs:516:19
    #36 0x559e3af008c1 in std::panic::catch_unwind::hfabf83c23f69b392 /rustc/2b603f95a48f10f931a61dd208fe3e5ffd64e491/library/std/src/panic.rs:142:14
    #37 0x559e3af008c1 in LLVMFuzzerTestOneInput /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/src/lib.rs:59:22
    #38 0x559e3af078e9 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerLoop.cpp:612:15
    #39 0x559e3af280cd in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerDriver.cpp:324:21
    #40 0x559e3af2fdee in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerDriver.cpp:860:19
    #41 0x559e3aab5f02 in main /home/nathaniel/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libfuzzer-sys-0.4.7/libfuzzer/FuzzerMain.cpp:20:30
    #42 0x7fa839b3bb0d in __libc_start_call_main (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x23b0d) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #43 0x7fa839b3bbc8 in __libc_start_main_impl (/nix/store/whypqfa83z4bsn43n4byvmw80n4mg3r8-glibc-2.37-45/lib/libc.so.6+0x23bc8) (BuildId: 2b9ebcc534a497a5e424c017f310e087ec14b7b6)
    #44 0x559e3aab6064 in _start (/home/nathaniel/projects/github.com/silvergasp/gitoxide/gix-config-value/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_value+0x245064)

@Byron Byron self-assigned this Jan 1, 2024
Byron added 2 commits January 1, 2024 09:52
…values.

Previously it would try to byte-index a presumed ascii string to convert
hex to RGB, which could panic if the string wasn't actually ascii.

Now it validates that the characters to convert are actually on a character
boundary.
@Byron
Member

Byron commented Jan 1, 2024

Thanks again for all your work and for relentlessly improving fuzzerage (coverage of the fuzzer :)).

It's great it finds all the spots where strings are treated incorrectly as ASCII; I'd hope that this was it.

@Byron Byron merged commit 03ec4e9 into GitoxideLabs:main Jan 1, 2024
18 checks passed
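
The failure mode described in the fix commit (byte-indexing a presumed-ASCII string while converting hex to RGB), shown beside a boundary-checked form, as an added Rust example that is not the gitoxide code. The names `parse_hex_naive`, `parse_hex_checked` and `naive_panics` are hypothetical, and the leading `#` in front of the `=ȩ=ȩ` string from the panic message is an assumption.

```rust
use std::panic;

/// Naive form: slices the six bytes after '#' by byte index, assuming ASCII.
/// Panics when an index falls inside a multi-byte UTF-8 character.
fn parse_hex_naive(s: &str) -> Option<(u8, u8, u8)> {
    let hex = s.strip_prefix('#')?;
    if hex.len() != 6 {
        return None; // len() counts bytes, not characters
    }
    let r = u8::from_str_radix(&hex[..2], 16).ok()?;
    let g = u8::from_str_radix(&hex[2..4], 16).ok()?;
    let b = u8::from_str_radix(&hex[4..], 16).ok()?;
    Some((r, g, b))
}

/// Checked form: str::get returns None instead of panicking when a range
/// does not start and end on a character boundary.
fn parse_hex_checked(s: &str) -> Option<(u8, u8, u8)> {
    let hex = s.strip_prefix('#')?;
    if hex.len() != 6 {
        return None;
    }
    let r = u8::from_str_radix(hex.get(..2)?, 16).ok()?;
    let g = u8::from_str_radix(hex.get(2..4)?, 16).ok()?;
    let b = u8::from_str_radix(hex.get(4..)?, 16).ok()?;
    Some((r, g, b))
}

/// True if the naive parser panics on `input`.
fn naive_panics(input: &str) -> bool {
    panic::catch_unwind(|| parse_hex_naive(input)).is_err()
}

fn main() {
    // Constructed input: '#' (assumed prefix) followed by the string from the
    // panic message, "=ȩ=ȩ". 'ȩ' is U+0229, two bytes in UTF-8, so the
    // remainder is six bytes long and byte index 2 lands inside the first 'ȩ'.
    let crash = "#=\u{229}=\u{229}";
    println!("naive panics: {}", naive_panics(crash));
    println!("checked: {:?}", parse_hex_checked(crash));
    println!("valid: {:?}", parse_hex_checked("#ff00aa"));
}
```

The length check passes in both forms because `str::len` is a byte count, which is why a six-byte, four-character string reaches the slicing code at all.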