Added a first fuzzer for several string operations. #1468

Open · wants to merge 1 commit into master

Conversation

DavidKorczynski

Hi guys,

Cross referencing #1462
I have implemented an initial fuzzer and integrated it with OSS-Fuzz. I have more in the pipeline but figured it would be nice to start small.

David

DavidKorczynski (Author)

Any news on this @flashcode ?

@txtsd txtsd mentioned this pull request Apr 22, 2020

txtsd commented Apr 22, 2020

I'm eager to see this fuzzer added and improved on!

DavidKorczynski (Author) commented Apr 22, 2020

@AdamKorcz and I would be happy to work on integrating fuzzing into weechat - I started it here as it would be nice to get the process going first before we commit more time to it. I also opened a PR on the OSS-Fuzz side (google/oss-fuzz#3584) but I closed it just a few hours ago since I wasn't sure if you were interested here - I can naturally reopen once we progress.

flashcode (Member) commented Apr 25, 2020

Hi @DavidKorczynski,

Thanks for the PR.

I recently added in WeeChat a way to create fake IRC servers, for now they are used in tests to simulate messages received from the server, see:

```c
void setup ()
{
    printf ("\n");
    /* create a fake server (no I/O) */
    run_cmd ("/server add " IRC_FAKE_SERVER " fake:127.0.0.1 "
             "-nicks=nick1,nick2,nick3");
    /* connect to the fake server */
    run_cmd ("/connect " IRC_FAKE_SERVER);
    /* get the server pointer */
    ptr_server = irc_server_search (IRC_FAKE_SERVER);
}
```

And my goal is to use that in a fuzzer. Simulating incoming IRC messages will cover:

  • IRC protocol functions (interesting, CVEs were found recently here)
  • indirectly many string functions, including the ones you are testing in this PR.

So I think it's a better approach to cover more code via the fuzzer.
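The two approaches discussed in this thread (David's harness over string operations, and flashcode's idea of feeding simulated server messages through the IRC protocol code) share the same harness shape: a libFuzzer/OSS-Fuzz entry point that hands each input to the code under test. The example below is added for illustration and is not WeeChat code; `irc_parse_line`, `struct irc_msg` and `copy_bounded` are a small hypothetical stand-in for the real IRC message parser, chosen so the harness runs stand-alone. Only `LLVMFuzzerTestOneInput` is a real name, the standard libFuzzer signature. The point it shows is how the harness NUL-terminates the raw bytes into an exactly-sized heap buffer, so that a sanitizer flags any read past the end of a message, and how a parser keeps every copy bounded so oversized or malformed lines are rejected rather than overflowing fixed buffers.

```c
/* Added example, not WeeChat code: a libFuzzer-style harness that treats
 * each fuzz input as one IRC line received from a (fake) server.  The
 * parser below is a hypothetical stand-in for the real plugin code. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define IRC_MAX_PARAMS 15

struct irc_msg {
    char prefix[64];
    char command[32];
    int  nparams;
    char params[IRC_MAX_PARAMS][512];
};

/* Copy at most dst_size-1 bytes of [src, src+len) into dst, always
 * NUL-terminating.  Returns 0 when the source had to be truncated. */
static int copy_bounded(char *dst, size_t dst_size, const char *src, size_t len)
{
    int ok = 1;
    if (len >= dst_size) { len = dst_size - 1; ok = 0; }
    memcpy(dst, src, len);
    dst[len] = '\0';
    return ok;
}

/* Parse one RFC 1459-style line:
 *   [":" prefix SPACE] command {SPACE param} [SPACE ":" trailing]
 * Returns 1 on success, 0 on malformed or over-long input.  Every copy
 * goes through copy_bounded, so hostile input cannot overflow the
 * fixed-size fields in struct irc_msg. */
int irc_parse_line(const char *line, struct irc_msg *msg)
{
    const char *p = line;
    const char *end;
    memset(msg, 0, sizeof(*msg));
    if (*p == ':') {
        const char *sp = strchr(p, ' ');
        if (!sp) return 0;                       /* prefix without a command */
        if (!copy_bounded(msg->prefix, sizeof msg->prefix,
                          p + 1, (size_t)(sp - p - 1))) return 0;
        p = sp + 1;
    }
    while (*p == ' ') p++;
    end = p;
    while (*end && *end != ' ') end++;
    if (end == p) return 0;                      /* empty command */
    if (!copy_bounded(msg->command, sizeof msg->command,
                      p, (size_t)(end - p))) return 0;
    p = end;
    while (*p) {
        while (*p == ' ') p++;
        if (!*p) break;
        if (msg->nparams >= IRC_MAX_PARAMS) return 0;
        if (*p == ':') {                         /* trailing: rest of line */
            if (!copy_bounded(msg->params[msg->nparams], sizeof msg->params[0],
                              p + 1, strlen(p + 1))) return 0;
            msg->nparams++;
            break;
        }
        end = p;
        while (*end && *end != ' ') end++;
        if (!copy_bounded(msg->params[msg->nparams], sizeof msg->params[0],
                          p, (size_t)(end - p))) return 0;
        msg->nparams++;
        p = end;
    }
    return 1;
}

/* libFuzzer entry point.  The input is copied into a heap buffer of
 * exactly size+1 bytes and NUL-terminated, so AddressSanitizer reports
 * any read past the end of the message; the parser's result is ignored
 * because a fuzzer only cares about crashes and sanitizer findings. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    struct irc_msg msg;
    char *line = malloc(size + 1);
    if (!line) return 0;
    memcpy(line, data, size);
    line[size] = '\0';
    irc_parse_line(line, &msg);
    free(line);
    return 0;
}
```

Built with `clang -fsanitize=fuzzer,address`, this file is a complete fuzz target; swapping `irc_parse_line` for the real parser (or for the string functions David's PR targets) is the only change needed, which is why both approaches in this thread can share one harness layout.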

Labels: feature (New feature request)

3 participants