From 50aaa25e35542f6af7df6a3c436d9329bb337e2e Mon Sep 17 00:00:00 2001 From: Taruntej Kanakamalla Date: Tue, 21 Apr 2026 16:25:01 +0530 Subject: [PATCH 1/5] add cargo-fuzz to the Github CI --- .github/workflows/rust-fuzz.yml | 38 +++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/rust-fuzz.yml diff --git a/.github/workflows/rust-fuzz.yml b/.github/workflows/rust-fuzz.yml new file mode 100644 index 0000000..286a01b --- /dev/null +++ b/.github/workflows/rust-fuzz.yml @@ -0,0 +1,38 @@ +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +name: Quick Fuzzing + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + fuzzing: + name: Fuzzing + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Install nightly toolchain + uses: actions-rs/toolchain@v1 + with: + toolchain: nightly + override: true + + - name: Install cargo-fuzz + uses: actions-rs/cargo@v1 + with: + command: 'install' + args: 'cargo-fuzz' + + - name: Run cargo-fuzz + uses: actions-rs/cargo@v1 + with: + command: 'fuzz' + args: 'run parse_session -- -max_total_time=20' + From 009ce915f177ee3b17ce8d95308165bbfdb277e1 Mon Sep 17 00:00:00 2001 From: Taruntej Kanakamalla Date: Tue, 21 Apr 2026 16:23:41 +0530 Subject: [PATCH 2/5] remove the use of assert in media parsing cargo-fuzz reports a crash due to this --- src/parser.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/parser.rs b/src/parser.rs index 0073f47..e3d92e4 100644 --- a/src/parser.rs +++ b/src/parser.rs @@ -370,10 +370,10 @@ impl Media { ) -> Result, ParserError> { let media = match lines.next()? { None => return Ok(None), - Some(line) => { - assert_eq!(line.key, b'm'); - Media::parse_m_line(&line)? - } + Some(line) => match line.key { + b'm' => Media::parse_m_line(&line)?, + _ => return Err(ParserError::InvalidLineFormat(line.n, "line key not m")), + }, }; // As with Session::parse, be more permissive about order than RFC 8866. From b4854b5130be3fd63eec4f2ec563842d51ed0e0e Mon Sep 17 00:00:00 2001 From: Taruntej Kanakamalla Date: Wed, 22 Apr 2026 14:29:41 +0530 Subject: [PATCH 3/5] fuzz: serialize the parsed session --- fuzz/fuzz_targets/parse_session.rs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fuzz/fuzz_targets/parse_session.rs b/fuzz/fuzz_targets/parse_session.rs index b740cc9..c516567 100644 --- a/fuzz/fuzz_targets/parse_session.rs +++ b/fuzz/fuzz_targets/parse_session.rs @@ -2,5 +2,11 @@ use libfuzzer_sys::fuzz_target; fuzz_target!(|data: &[u8]| { - let _ = sdp_types::Session::parse(data); + let session = sdp_types::Session::parse(data); + + if let Ok (s) = session { + // serialize the parsed session + let mut written = vec![]; + s.write(&mut written).unwrap(); + }; }); From 31e7f2a24332f3265f47c1fbd302be761c7ec258 Mon Sep 17 00:00:00 2001 From: Taruntej Kanakamalla Date: Wed, 22 Apr 2026 14:31:18 +0530 Subject: [PATCH 4/5] fuzz: add corpus for parse_session --- fuzz/corpus/parse_session/crypto | 14 ++++++++++++++ fuzz/corpus/parse_session/simple | 12 ++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 fuzz/corpus/parse_session/crypto create mode 100644 fuzz/corpus/parse_session/simple diff --git a/fuzz/corpus/parse_session/crypto b/fuzz/corpus/parse_session/crypto new file mode 100644 index 0000000..0aa1cda --- /dev/null +++ b/fuzz/corpus/parse_session/crypto @@ -0,0 +1,14 @@ +v=0 +o=jdoe 2890844526 2890842807 IN IP4 10.47.16.5 +s=SDP Seminar +i=A Seminar on the session description protocol +u=http://www.example.com/seminars/sdp.pdf +e=j.doe@example.com (Jane Doe) +c=IN IP4 161.44.17.12/127 +t=2873397496 2873404696 +m=video 51372 RTP/SAVP 31 +a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 +m=audio 49170 RTP/SAVP 0 +a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 +m=application 32416 udp wb +a=orient:portrait diff --git a/fuzz/corpus/parse_session/simple b/fuzz/corpus/parse_session/simple new file mode 100644 index 0000000..8a6d409 --- /dev/null +++ b/fuzz/corpus/parse_session/simple @@ -0,0 +1,12 @@ +v=0 +o=jdoe 2890844526 2890842807 IN IP4 10.47.16.5 +s=SDP Seminar +i=A Seminar on the session description protocol +u=http://www.example.com/seminars/sdp.pdf +e=j.doe@example.com (Jane Doe) +c=IN IP4 224.2.17.12/127 +t=2873397496 2873404696 +a=recvonly +m=audio 49170 RTP/AVP 0 +m=video 51372 RTP/AVP 99 +a=rtpmap:99 h263-1998/90000 From 1e63b9ed815ba667f54e478dc7b44d6d6d519e28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= Date: Mon, 27 Apr 2026 10:35:07 +0300 Subject: [PATCH 5/5] Add parse example --- examples/parse.rs | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 examples/parse.rs diff --git a/examples/parse.rs b/examples/parse.rs new file mode 100644 index 0000000..846a7c1 --- /dev/null +++ b/examples/parse.rs @@ -0,0 +1,40 @@ +use std::io::prelude::*; +use std::{env, fs, process}; + +fn main() -> process::ExitCode { + let mut args = env::args(); + let _ = args.next().unwrap(); + let Some(file) = args.next() else { + eprintln!("Usage: parse [file.sdp]"); + return process::ExitCode::FAILURE; + }; + + let mut file = match fs::File::open(file) { + Ok(file) => file, + Err(err) => { + eprintln!("Failed to open file: {err}"); + return process::ExitCode::FAILURE; + } + }; + + let mut content = Vec::new(); + match file.read_to_end(&mut content) { + Ok(_) => {} + Err(err) => { + eprintln!("Failed to read file: {err}"); + return process::ExitCode::FAILURE; + } + }; + + let sdp = match sdp_types::Session::parse(&content) { + Ok(sdp) => sdp, + Err(err) => { + eprintln!("Failed to parse SDP: {err}"); + return process::ExitCode::FAILURE; + } + }; + + println!("{sdp:#?}"); + + process::ExitCode::SUCCESS +}