validate_wasm fuzzer

fuzz/Cargo.toml

@@ -10,6 +10,8 @@ cargo-fuzz = true
 
 [dependencies]
 wasmer-runtime = { path = "../lib/runtime" }
+wasmer-runtime-core = { path = "../lib/runtime-core" }
+wasmer = { path = "../" }
 libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git" }
 
 # Prevent this from interfering with workspaces
@@ -19,3 +21,7 @@ members = ["."]
 [[bin]]
 name = "simple_instantiate"
 path = "fuzz_targets/simple_instantiate.rs"
+
+[[bin]]
+name = "validate_wasm"
+path = "fuzz_targets/validate_wasm.rs"

fuzz/README.md

@@ -10,12 +10,16 @@ $ cargo install cargo-fuzz
 
 `cargo-fuzz` is documented in the [Rust Fuzz Book](https://rust-fuzz.github.io/book/cargo-fuzz.html).
 
-## Running a fuzzer
+## Running a fuzzer (simple_instantiate, validate_wasm)
 
 Once `cargo-fuzz` is installed, you can run the `simple_instantiate` fuzzer with
 ```sh
 cargo fuzz run simple_instantiate
 ```
+or the `validate_wasm` fuzzer
+```sh
+cargo fuzz run validate_wasm
+```
 
 You should see output that looks something like this:
 

fuzz/fuzz_targets/validate_wasm.rs

@@ -0,0 +1,19 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+
+extern crate wasmer_runtime_core;
+extern crate wasmer;
+
+use wasmer_runtime_core::{
+    backend::{Features},
+};
+
+fuzz_target!(|data: &[u8]| {
+            let _ = wasmer::utils::is_wasm_binary(data);
+            let _ = wasmer_runtime_core::validate_and_report_errors_with_features(
+                &data,
+                Features {
+                    // modify those values to explore additionnal part of wasmer
+                    simd: false, threads: false,              },
+            );
+});