Opened 20 months ago

Last modified 20 months ago

#24042 new enhancement

Test descriptor parsing with fuzzed descriptors

Reported by: karsten Owned by: metrics-team
Priority: Medium Milestone:
Component: Metrics Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We recently learned the hard way that there exist descriptors that are valid according to the specification that our descriptor parsers have trouble with. We should throw a bunch of fuzzed descriptors into a local Metrics instance to see if anything breaks.

This could be a trivial reader application using metrics-lib, or it could be a local Onionoo or metrics-web or ExoneraTor instance.

I'm putting this into Metrics/Library for now, because that's likely be responsible for the bulk of descriptor-parsing issues, even though there's also some parsing code in other components.

According to teor, Tor has a collection of valid and invalid directory documents. Part of the challenge here will be to tell valid and invalid documents apart. That might be a manual process.

And according to atagar, Stem now supports descriptor creation (and should have all capabilities Leekspin did). This is just in case we run out of descriptors above and feel like creating even more would be a good idea.

Child Tickets

Change History (3)

comment:1 Changed 20 months ago by iwakeh

So far, this wasn't a problem of metrics-lib, which parsed the recent pearl-version descriptors fine, but the API using clients' problem, e.g., Onionoo relied on 'uptime', which is not required.
Thus, this should be a general 'Metrics' issue and not metrics-lib. Changing the component.

The new API for metrics-lib should also prevent such errors as in #24012, still having a wider variety of descriptors will surely improve code quality.

comment:2 Changed 20 months ago by iwakeh

Component: Metrics/LibraryMetrics

comment:3 Changed 20 months ago by iwakeh

And, once there are methods returning Optional<T> the fuzzing could be applied in tests in an automated fashion depending on method signatures.

Note: See TracTickets for help on using tickets.