
Fix AFL++ fuzzing harness input handling & add security workflows#3556

Open
Easton97-Jens wants to merge 1 commit into owasp-modsecurity:v3/master from Easton97-Jens:v3/master-workflows2

Conversation

@Easton97-Jens
Contributor

what

  • Fixes incorrect handling of AFL++ input data in the fuzzing harness

  • Correctly uses the input buffer (buf) to construct the string

  • Adds guard for invalid/empty input (read_bytes <= 0)

  • Prevents potential null pointer dereference in Operator::instantiate()

  • Adds fallback definition for __AFL_LOOP (enables non-AFL builds)

  • Adds additional security workflows:

    • CodeQL analysis
    • Runtime sanitizers (ASan/UBSan)
    • AFL++ fuzzing smoke test

why

  • Previous implementation did not properly use fuzzer input
    → resulting in ineffective fuzzing (no real coverage)
  • Proper input handling is required to test transformations and operators with real data
  • Null check prevents crashes outside AFL environments
  • New workflows improve security, stability, and detection of runtime issues (memory, UB, DoS)
  • Goal: Detect bugs and vulnerabilities early

references

  • AFL++ documentation (input handling best practices)
  • ModSecurity fuzzing harness (test/fuzzer/afl_fuzzer.cc)
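A minimal persistent-mode harness showing the input-handling pattern the description lists (construct the string from `buf` with the read length, reject `read_bytes <= 0`, check the factory result for null, fall back when `__AFL_LOOP` is undefined), as an added example that is neither the PR's `afl_fuzzer.cc` nor ModSecurity code; the `Operator` stand-in, the first-byte operator selector and `run_one` are assumptions made for the example.

```cpp
#include <cstddef>
#include <memory>
#include <string>
#include <unistd.h>

// Fallback so the harness also builds and runs (a single pass) when not compiled
// with afl-clang-fast, which defines __AFL_LOOP itself.
#ifndef __AFL_LOOP
static int afl_fallback_iter = 0;
#define __AFL_LOOP(n) (afl_fallback_iter++ < 1)
#endif

// Hypothetical stand-in for an operator factory: like a real one, it returns
// null for an operator it does not know, so callers must check before use.
struct Operator {
    std::string param;
    static std::unique_ptr<Operator> instantiate(const std::string &name,
                                                 const std::string &param) {
        if (name != "contains") return nullptr;
        return std::unique_ptr<Operator>(new Operator{param});
    }
    bool evaluate(const std::string &input) const {
        return input.find(param) != std::string::npos;
    }
};

// Handles one fuzzer input. Constructed input format (an assumption): the first
// byte selects the operator ('c' = contains, anything else = unknown), the rest
// is the data the operator is evaluated against.
// Returns -1: input rejected, 0: operator was null, 1: no match, 2: match.
int run_one(const char *buf, ssize_t read_bytes) {
    if (buf == nullptr || read_bytes <= 0) return -1;    // guard: empty or failed read
    // Build from buf with an explicit length: embedded NUL bytes survive, and
    // the string never runs past what was actually read.
    std::string input(buf, static_cast<size_t>(read_bytes));
    std::string name = (input[0] == 'c') ? "contains" : "unknown";
    std::string data = input.substr(1);
    std::unique_ptr<Operator> op = Operator::instantiate(name, "a");
    if (op == nullptr) return 0;                         // null check instead of dereference
    return op->evaluate(data) ? 2 : 1;
}

int main() {
    char buf[4096];
    while (__AFL_LOOP(1000)) {                           // persistent mode under AFL++
        ssize_t read_bytes = read(0, buf, sizeof(buf));  // fuzzer input arrives on stdin
        run_one(buf, read_bytes);                        // rejected input just moves on
    }
    return 0;
}
```

Built with afl-clang-fast++ the loop runs up to 1000 cases per process; built with a plain compiler it runs once on stdin, which is what the fallback is for.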

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Add files via upload

Fix AFL fuzzer input handling and null operator check

Fix fuzzer API usage for operators and transformations

Update fuzzing workflow to use ubuntu-latest

Update runtime-sanitizers.yml

Update codeql-security.yml
Easton97-Jens force-pushed the v3/master-workflows2 branch from dce564b to 1a7cfc7 on May 4, 2026 17:05
@sonarqubecloud

sonarqubecloud Bot commented May 4, 2026

Quality Gate failed

Failed conditions
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud
