feat: refactor sgclaw around zeroclaw compat runtime

2026-03-26 16:23:31 +08:00
parent bca5b75801
commit ff0771a83f
1059 changed files with 409460 additions and 23 deletions
--- a/third_party/zeroclaw/fuzz/Cargo.toml
+++ b/third_party/zeroclaw/fuzz/Cargo.toml
@@ -0,0 +1,44 @@
+[package]
+name = "zeroclaw-fuzz"
+version = "0.0.0"
+publish = false
+edition = "2021"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = "0.4"
+
+[dependencies.zeroclaw]
+path = ".."
+
+[[bin]]
+name = "fuzz_config_parse"
+path = "fuzz_targets/fuzz_config_parse.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "fuzz_tool_params"
+path = "fuzz_targets/fuzz_tool_params.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "fuzz_webhook_payload"
+path = "fuzz_targets/fuzz_webhook_payload.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "fuzz_provider_response"
+path = "fuzz_targets/fuzz_provider_response.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "fuzz_command_validation"
+path = "fuzz_targets/fuzz_command_validation.rs"
+test = false
+doc = false
--- a/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_command_validation.rs
+++ b/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_command_validation.rs
@@ -0,0 +1,10 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+use zeroclaw::security::SecurityPolicy;
+
+fuzz_target!(|data: &[u8]| {
+    if let Ok(s) = std::str::from_utf8(data) {
+        let policy = SecurityPolicy::default();
+        let _ = policy.validate_command_execution(s, false);
+    }
+});
--- a/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_config_parse.rs
+++ b/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_config_parse.rs
@@ -0,0 +1,9 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    if let Ok(s) = std::str::from_utf8(data) {
+        // Fuzz TOML config parsing — silently discard invalid input
+        let _ = toml::from_str::<toml::Value>(s);
+    }
+});
--- a/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_provider_response.rs
+++ b/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_provider_response.rs
@@ -0,0 +1,9 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    if let Ok(s) = std::str::from_utf8(data) {
+        // Fuzz provider API response deserialization
+        let _ = serde_json::from_str::<serde_json::Value>(s);
+    }
+});
--- a/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_tool_params.rs
+++ b/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_tool_params.rs
@@ -0,0 +1,9 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    if let Ok(s) = std::str::from_utf8(data) {
+        // Fuzz JSON tool parameter parsing — silently discard invalid input
+        let _ = serde_json::from_str::<serde_json::Value>(s);
+    }
+});
--- a/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_webhook_payload.rs
+++ b/third_party/zeroclaw/fuzz/fuzz_targets/fuzz_webhook_payload.rs
@@ -0,0 +1,9 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    if let Ok(s) = std::str::from_utf8(data) {
+        // Fuzz webhook body deserialization
+        let _ = serde_json::from_str::<serde_json::Value>(s);
+    }
+});