From 7f8ab26218ab3557e875885501eb5e4ce4a1cade Mon Sep 17 00:00:00 2001
From: Vikram Rangnekar <vicram@gmail.com>
Date: Thu, 18 Apr 2019 21:08:14 -0400
Subject: [PATCH] Add fuzz testing to qcode

---
 corpus/1      | 21 +++++++++++++++++++++
 corpus/2      | 14 ++++++++++++++
 corpus/3      | 12 ++++++++++++
 corpus/4      | 12 ++++++++++++
 corpus/5      |  6 ++++++
 corpus/6      | 21 +++++++++++++++++++++
 corpus/7      |  6 ++++++
 corpus/8      | 22 ++++++++++++++++++++++
 fuzz.yaml     | 15 +++++++++++++++
 qcode/fuzz.go | 14 ++++++++++++++
 10 files changed, 143 insertions(+)
 create mode 100644 corpus/1
 create mode 100644 corpus/2
 create mode 100644 corpus/3
 create mode 100644 corpus/4
 create mode 100644 corpus/5
 create mode 100644 corpus/6
 create mode 100644 corpus/7
 create mode 100644 corpus/8
 create mode 100644 fuzz.yaml
 create mode 100644 qcode/fuzz.go

diff --git a/corpus/1 b/corpus/1
new file mode 100644
index 0000000..ae381f8
--- /dev/null
+++ b/corpus/1
@@ -0,0 +1,21 @@
+query {
+  products(
+    # returns only 30 items
+    limit: 30,
+
+    # starts from item 10, commented out for now
+    # offset: 10,
+
+    # orders the response items by highest price
+    order_by: { price: desc },
+
+    # no duplicate prices returned
+    distinct: [ price ]
+    
+    # only items with an id >= 30 and < 30 are returned
+    where: { id: { and: { greater_or_equals: 20, lt: 28 } } }) {
+    id
+    name
+    price
+  }
+}
\ No newline at end of file
diff --git a/corpus/2 b/corpus/2
new file mode 100644
index 0000000..d0aa529
--- /dev/null
+++ b/corpus/2
@@ -0,0 +1,14 @@
+query {
+  products(
+    where: { 
+      or: { 
+        not: { id: { is_null: true } }, 
+        price: { gt: 10 },
+        price: { lt: 20 } 
+      } }
+    ) {
+    id
+    name
+    price
+  }
+}
\ No newline at end of file
diff --git a/corpus/3 b/corpus/3
new file mode 100644
index 0000000..a57440b
--- /dev/null
+++ b/corpus/3
@@ -0,0 +1,12 @@
+query {
+  products(
+    where: { 
+      and: { 
+        not: { id: { is_null: true } }, 
+        price: { gt: 10 } 
+      }}) {
+    id
+    name
+    price
+  }
+}
\ No newline at end of file
diff --git a/corpus/4 b/corpus/4
new file mode 100644
index 0000000..1480a95
--- /dev/null
+++ b/corpus/4
@@ -0,0 +1,12 @@
+query {
+  products(
+    where: { 
+      and: [ 
+        { not: { id: { is_null: true } } }, 
+        { price: { gt: 10 } }, 
+      ] } ) {
+    id
+    name
+    price
+  }
+}
\ No newline at end of file
diff --git a/corpus/5 b/corpus/5
new file mode 100644
index 0000000..61c166d
--- /dev/null
+++ b/corpus/5
@@ -0,0 +1,6 @@
+query {
+  product(id: 15) {
+    id
+    name
+  }
+}
\ No newline at end of file
diff --git a/corpus/6 b/corpus/6
new file mode 100644
index 0000000..ae381f8
--- /dev/null
+++ b/corpus/6
@@ -0,0 +1,21 @@
+query {
+  products(
+    # returns only 30 items
+    limit: 30,
+
+    # starts from item 10, commented out for now
+    # offset: 10,
+
+    # orders the response items by highest price
+    order_by: { price: desc },
+
+    # no duplicate prices returned
+    distinct: [ price ]
+    
+    # only items with an id >= 30 and < 30 are returned
+    where: { id: { and: { greater_or_equals: 20, lt: 28 } } }) {
+    id
+    name
+    price
+  }
+}
\ No newline at end of file
diff --git a/corpus/7 b/corpus/7
new file mode 100644
index 0000000..e2878e0
--- /dev/null
+++ b/corpus/7
@@ -0,0 +1,6 @@
+query {
+  products(search: "Imperial") {
+    id
+    name
+  }
+}
\ No newline at end of file
diff --git a/corpus/8 b/corpus/8
new file mode 100644
index 0000000..e4bd62c
--- /dev/null
+++ b/corpus/8
@@ -0,0 +1,22 @@
+query {
+  products(
+    # returns only 30 items
+    limit: 30,
+
+    # starts from item 10, commented out for now
+    # offset: 10,
+
+    # orders the response items by highest price
+    order_by: { price: desc },
+
+    # only items with an id >= 30 and < 30 are returned
+    where: { id: { and: { greater_or_equals: 20, lt: 28 } } }) {
+    id
+    name
+    price
+    user {
+      full_name
+      picture : avatar
+    }
+  }
+}
\ No newline at end of file
diff --git a/fuzz.yaml b/fuzz.yaml
new file mode 100644
index 0000000..90dc154
--- /dev/null
+++ b/fuzz.yaml
@@ -0,0 +1,15 @@
+base: ubuntu:16.04
+targets:
+  - name: tutorial
+    language: go
+    version: "1.12"
+    corpus: ./corpus
+    #memory_limit: 1000 # in megabytes
+    #timeout: 500 # in milliseconds
+    harness:
+      function: FuzzerEntrypoint
+      # package defines where to import FuzzerEntrypoint from
+      package: github.com/dosco/super-graph/qcode
+      # the repository will be cloned to
+      # $GOPATH/src/github.com/fuzzbuzz/tutorial
+      checkout: github.com/dosco/super-graph/
diff --git a/qcode/fuzz.go b/qcode/fuzz.go
new file mode 100644
index 0000000..1201eb7
--- /dev/null
+++ b/qcode/fuzz.go
@@ -0,0 +1,14 @@
+package qcode
+
+// FuzzerEntrypoint for Fuzzbuzz
+func FuzzerEntrypoint(data []byte) int {
+	testData := string(data)
+
+	qcompile, _ := NewCompiler(Config{})
+	_, err := qcompile.CompileQuery(testData)
+	if err != nil {
+		return -1
+	}
+
+	return 0
+}