Open
Description
The first incarnation of the fuzz testing framework imitates a normal service client and pumps fuzzy messages into the service front-end, verifying what effect they have on the whole service. While this was easy to implement and provides a natural target that replicates a client, more specific/targeted fuzzing targets should be considered.
This issue is for investigating such target options. A few examples to consider:
- Send operations straight into the providers, potentially with a target per operation.
- Send requests straight into authenticators
- Send requests to the interface code that parses them from binary
- Send key mappings to the OnDiskKeyInfoManager to verify its ability to parse them
etc.