Add fuzzers for RRG actions #182

Open
pmateatg wants to merge 4 commits into google:master from pmateatg:fuzz_init

Conversation

@pmateatg (Collaborator)

No description provided.

Comment on lines +76 to +86
if file.write_all(content).is_err() {
return None;
}

std::mem::forget(file);
Member

Maybe instead of wrapping, calling write_all and forget, we can just do libc::write instead?

Collaborator Author

This way the cleanup on error or partial write is handled, with libc::write the return code would have to be checked and handled.

Member

Hmm, I'm not sure how this file is used here. CTRL + F for disk_images_corpus yields no results.

Collaborator Author

The zip file is the seed corpus for the fuzzers which work with disk images, otherwise they waste a lot of time trying to guess magic numbers. I added a FUZZING.md which explains how it was created and how to use it.

Member

Hmm, I think I am still puzzled about this. So before running fuzzing we need to unpack these, got it, but then I don't see anything in the individual fuzz_targets/*.rs files that would make use of these images (e.g. I don't see any reference to small_fat32.img or small_ext4.img). I presume there is something that picks things up from the fuzz/corpus folder, but is there some documentation I can read about this?

Collaborator Author

Correct, the fuzzing, corpus handling, input mutation and coverage tracking are handled by libfuzzer. The Rust files in the fuzz_target directory only define the target-specific code; the boilerplate is handled by the fuzz_target libfuzzer macro (https://github.com/rust-fuzz/libfuzzer/blob/main/src/lib.rs#L226).

The fuzzer can start with an empty corpus directory or with some "interesting" input pre-seeded, to get the fuzzer faster to the interesting part of the code instead of waiting for it to guess the well-known file headers from scratch (https://llvm.org/docs/LibFuzzer.html#corpus). Essentially, libfuzzer treats the corpus files as raw byte input, which happens to be disk images for GRR disk timeline fuzzing, but they can be PNG/JPEG files for image parsing libraries.
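The corpus behaviour described in the reply above, as an added example that is not code from this pull request or from RRG: a stand-in for the body of a fuzz_target! closure, a driver that replays a seed corpus through it the way libfuzzer does before mutating, and a constructed seed. The parser is a toy that only checks the FAT boot-sector signature and two BPB fields; its depth value stands in for the coverage feedback a real harness would give libfuzzer.

```rust
use std::fs;
use std::path::Path;

/// Toy disk-image parser: rejects input without the 0x55AA boot-sector
/// signature at offset 510, then checks two FAT BPB fields. Returns how far
/// parsing got (0..=3); a real target exposes this as code coverage instead.
pub fn parse_image(data: &[u8]) -> u8 {
    if data.len() < 512 || data[510] != 0x55 || data[511] != 0xAA {
        return 0; // rejected at the magic check: almost all random input ends here
    }
    // Bytes per sector, u16 little-endian at offset 11 of a FAT boot sector.
    let bps = u16::from_le_bytes([data[11], data[12]]);
    if !matches!(bps, 512 | 1024 | 2048 | 4096) {
        return 1;
    }
    // Sectors per cluster at offset 13 must be a non-zero power of two.
    let spc = data[13];
    if spc == 0 || !spc.is_power_of_two() {
        return 2;
    }
    3 // reached the interesting part of the parser
}

/// What a `fuzz_target!(|data: &[u8]| { ... })` closure would wrap: it must not
/// panic on arbitrary input, since a panic is what libfuzzer reports as a crash.
pub fn fuzz_one(data: &[u8]) {
    let _ = parse_image(data);
}

/// Feed every file in a corpus directory to the harness, as libfuzzer does with
/// the seed corpus before mutating. Returns the deepest point any seed reached.
pub fn replay_corpus(dir: &Path) -> std::io::Result<u8> {
    let mut best: u8 = 0;
    for entry in fs::read_dir(dir)? {
        let bytes = fs::read(entry?.path())?;
        fuzz_one(&bytes);
        best = best.max(parse_image(&bytes));
    }
    Ok(best)
}

/// Constructed 512-byte seed carrying just the fields the toy parser checks,
/// standing in for the small_fat32.img-style seeds shipped in the zip.
pub fn seed_image() -> Vec<u8> {
    let mut img = vec![0u8; 512];
    img[11..13].copy_from_slice(&512u16.to_le_bytes());
    img[13] = 8;
    img[510..].copy_from_slice(&[0x55, 0xAA]);
    img
}
```

With only junk files in the corpus, replay_corpus reports depth 0; one seed with the right header takes the same harness straight to depth 3, which is the time the mutator would otherwise spend guessing the signature.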
