Adversarial review finding P4: README §Status block (and the mid-file callout) still said 'Slice 1 is the active build target' directly beneath a slice-3 quickstart. The same §Status block is verbatim in docs/QUICKSTART.md + docs/DEVELOPMENT.md, so fixing one without the others would re-corrupt agent context on next read — swept all three. fuzz/README.md planned for the SIP/SDP parsers that ADR-0007 abolished. Re-aimed at the actual post-0007 hostile-byte surfaces: tap protocol frames (existing, slice-2), RTP at the str0m input, Opus payload at the decoder boundary, and the provider media-fork framing (step 5, deferred). Refs docs/reviews/2026-07-03-adversarial-review.md P4. DCO-signed. Signed-off-by: Aaron D. Lee <himself@adlee.work>
2.5 KiB
fuzz/ — cargo-fuzz harness directory (placeholder)
Status: placeholder. Not yet a cargo-fuzz project — just the directory.
ADR-0007 abolished the first-party SIP parser (the original reason this
directory was pre-paved), so the original sip_parser / sdp_parser fuzz
targets are gone from the plan. The hostile-byte surfaces that do exist
post-0007, and that the harnesses here will eventually target, are:
- Tap protocol frames (
crates/rutster-tap/src/protocol.rs) — the WS framing between the core and an external brain. This is hostility surface #1 today: a brain is an untrusted process and its frames cross the FOB boundary. Slice-2 ships this surface without a fuzzer; the harness should land as soon as third-party brains exist (P6 of the 2026-07-03 adversarial review — the protocol should also carry an auth field by then). - RTP packets at the str0m input (slice-1's
rtc_session.rsmedia ingress) — every byte str0m hands us is potentially hostile before str0m validates it; fuzz at the str0m-RtcSession boundary, not str0m internally. - Opus decoder inputs (
crates/rutster-mediacodec boundary) — a malicious or malformed RTP payload hits the Opus decoder. Fuzz the decoded-PCM contract (finite-length, sane amplitude range), not the decoder internals. - Provider media-fork framing (spearhead step 5, post-ADR-0007) — the rented transport's media-fork delivers bytes that the CPaaS framed; that framing is the post-0007 equivalent of the SIP/SDP parser surface. Lands with step 5.
Slice 1 says "the browser is trusted" for the WebRTC ingress, which is correct for the signaling surface (str0m validates SDP). But the media plane accepts RTP from any peer that completed ICE, which makes the RTP/Opus surfaces above hostile-by-default regardless of signaling trust.
If you're populating this directory, replace it with:
fuzz/Cargo.toml— cargo-fuzz manifest.fuzz/fuzz_targets/tap_protocol.rs— fuzz the tap protocol frame decoder.fuzz/fuzz_targets/rtp_packet.rs— fuzz the str0m-RtcSession RTP input.fuzz/fuzz_targets/opus_payload.rs— fuzz the Opus→PCM decoder boundary.- A CI job running a short fuzz burst on each PR.
The hot-path "drop + observe, don't crash" policy (ARCHITECTURE.md Media plane; slice-4 spec §3.6) is what the harnesses assert against: throw arbitrary bytes at the surface, assert it returns an error or drops silently — never panics. A dropped packet must not terminate the peer.