From 00119c76d5f552eb02cbd974849bb34a269001d0 Mon Sep 17 00:00:00 2001
From: Vincent Rischmann
Date: Sun, 8 Dec 2024 12:20:55 +0100
Subject: build: remove adhoc fuzzing

---
 build.zig | 48 ------------------------------------------------
 1 file changed, 48 deletions(-)

diff --git a/build.zig b/build.zig
index b851865..3b990ff 100644
--- a/build.zig
+++ b/build.zig
@@ -242,8 +242,6 @@ pub fn build(b: *std.Build) !void {
         test_step.dependOn(&run_tests.step);
     }
 
-    // Fuzzing
-
     const lib = b.addStaticLibrary(.{
         .name = "sqlite",
         .target = getTarget(target, true),
@@ -253,52 +251,6 @@ pub fn build(b: *std.Build) !void {
     lib.addIncludePath(b.path("c"));
     lib.linkLibC();
 
-    // The library
-    const fuzz_lib = b.addStaticLibrary(.{
-        .name = "fuzz-lib",
-        .root_source_file = b.path("fuzz/main.zig"),
-        .target = getTarget(target, true),
-        .optimize = optimize,
-    });
-    fuzz_lib.addIncludePath(b.path("c"));
-    fuzz_lib.linkLibrary(lib);
-    fuzz_lib.want_lto = true;
-    fuzz_lib.bundle_compiler_rt = true;
-    fuzz_lib.root_module.addImport("sqlite", sqlite_mod);
-
-    // Setup the output name
-    const fuzz_executable_name = "fuzz";
-    const fuzz_exe_path = try b.cache_root.join(b.allocator, &.{fuzz_executable_name});
-
-    // We want `afl-clang-lto -o path/to/output path/to/library`
-    const fuzz_compile = b.addSystemCommand(&.{ "afl-clang-lto", "-o", fuzz_exe_path });
-    fuzz_compile.addArtifactArg(lib);
-    fuzz_compile.addArtifactArg(fuzz_lib);
-
-    // Install the cached output to the install 'bin' path
-    const fuzz_install = b.addInstallBinFile(.{ .cwd_relative = fuzz_exe_path }, fuzz_executable_name);
-
-    // Add a top-level step that compiles and installs the fuzz executable
-    const fuzz_compile_run = b.step("fuzz", "Build executable for fuzz testing using afl-clang-lto");
-    // fuzz_compile_run.dependOn(&fuzz_lib.step);
-    fuzz_compile_run.dependOn(&fuzz_compile.step);
-    fuzz_compile_run.dependOn(&fuzz_install.step);
-
-    // Compile a companion exe for debugging crashes
-    const fuzz_debug_exe = b.addExecutable(.{
-        .name = "fuzz-debug",
-        .root_source_file = b.path("fuzz/main.zig"),
-        .target = getTarget(target, true),
-        .optimize = optimize,
-    });
-    fuzz_debug_exe.addIncludePath(b.path("c"));
-    fuzz_debug_exe.linkLibrary(lib);
-    fuzz_debug_exe.root_module.addImport("sqlite", sqlite_mod);
-
-    // Only install fuzz-debug when the fuzz step is run
-    const install_fuzz_debug_exe = b.addInstallArtifact(fuzz_debug_exe, .{});
-    fuzz_compile_run.dependOn(&install_fuzz_debug_exe.step);
-
     //
     // Examples
     //
-- 
cgit v1.2.3


From 2a2d19c356cf8f4530b9a8368e8696255c722e70 Mon Sep 17 00:00:00 2001
From: Vincent Rischmann
Date: Sun, 8 Dec 2024 12:28:13 +0100
Subject: add a fuzz test

---
 sqlite.zig | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)

diff --git a/sqlite.zig b/sqlite.zig
index 6174d1c..6d22d1f 100644
--- a/sqlite.zig
+++ b/sqlite.zig
@@ -4068,3 +4068,70 @@ test "reuse same field twice in query string" {
     defer testing.allocator.free(name.?);
     try testing.expectEqualStrings(name.?, update_name);
 }
+
+test "fuzzing" {
+    const global = struct {
+        fn testOne(input: []const u8) anyerror!void {
+            var db = try Db.init(.{
+                .mode = .Memory,
+                .open_flags = .{
+                    .write = true,
+                    .create = true,
+                },
+            });
+            defer db.deinit();
+
+            try db.exec("CREATE TABLE test(id integer primary key, name text, data blob)", .{}, .{});
+
+            db.execDynamic(input, .{}, .{}) catch |err| switch (err) {
+                error.SQLiteError => return,
+                error.ExecReturnedData => return,
+                error.EmptyQuery => return,
+                else => return err,
+            };
+
+            db.execDynamic(
+                "INSERT INTO test(name, data) VALUES($name, $data)",
+                .{},
+                .{
+                    .name = "foo",
+                    .data = input,
+                },
+            ) catch |err| switch (err) {
+                error.SQLiteError => return,
+                else => return err,
+            };
+
+            var stmt = db.prepareDynamic("SELECT name, data FROM test") catch |err| switch (err) {
+                error.SQLiteError => return,
+                else => return err,
+            };
+            defer stmt.deinit();
+
+            var rows_memory: [4096]u8 = undefined;
+            var rows_fba = std.heap.FixedBufferAllocator.init(&rows_memory);
+
+            const row_opt = stmt.oneAlloc(
+                struct {
+                    name: Text,
+                    data: Blob,
+                },
+                rows_fba.allocator(),
+                .{},
+                .{},
+            ) catch |err| switch (err) {
+                error.SQLiteError => return,
+                else => return err,
+            };
+
+            if (row_opt) |row| {
+                if (!std.mem.eql(u8, row.name.data, "foo")) return error.InvalidNameField;
+                if (!std.mem.eql(u8, row.data.data, input)) return error.InvalidDataField;
+            } else {
+                return error.NoRowsFound;
+            }
+        }
+    };
+
+    try testing.fuzz(global.testOne, .{});
+}
-- 
cgit v1.2.3