cargo-fuzz (based on LLVM’s libFuzzer) to stress-test components that handle untrusted data from external sources, such as webhooks, configuration files, and AI-generated patches.
Fuzzing Architecture
The fuzzing infrastructure is centralized in the/fuzz directory, which acts as a dedicated workspace for fuzz targets. Each target is a standalone binary that exercises a specific library function or module.
Data Flow: External Input to Fuzz Target
The following diagram illustrates how external, potentially malicious data is routed through the fuzzing harness to validate internal logic. Fuzzing Input Pipeline Sources: fuzz/Cargo.toml#10-16, fuzz/fuzz_targets/workspace_patch_parser.rs#21-41Fuzz Targets
Palyra maintains several high-priority fuzz targets targeting parsers and security-sensitive routines.| Target Name | File Path | Component Tested | Purpose |
|---|---|---|---|
config_path_parser | fuzz/fuzz_targets/config_path_parser.rs | palyra-common | Validates configuration file path resolution and sanitization. |
a2ui_json_parser | fuzz/fuzz_targets/a2ui_json_parser.rs | palyra-a2ui | Tests the Agent-to-UI JSON protocol parser for malformed envelopes. |
webhook_payload_parser | fuzz/fuzz_targets/webhook_payload_parser.rs | palyra-connectors | Exercises Discord/Slack/Telegram webhook ingestion logic. |
workspace_patch_parser | fuzz/fuzz_targets/workspace_patch_parser.rs | palyra-common | Stress-tests the apply_workspace_patch logic against malformed diffs. |
process_runner_input_parser | fuzz/fuzz_targets/process_runner_input_parser.rs | palyra-common | Validates parse_process_runner_tool_input for palyra.process.run. |
redaction_routines | fuzz/fuzz_targets/redaction_routines.rs | palyra-common | Ensures sensitive data masking does not crash on complex strings. |
webhook_replay_verifier | fuzz/fuzz_targets/webhook_replay_verifier.rs | palyra-common | Tests the cryptographic signature and replay protection logic. |
Implementation Details
Workspace Patch Fuzzing
Theworkspace_patch_parser target is particularly critical as it simulates AI-generated file modifications. It uses a temporary directory via fuzz_workspace_root to safely execute apply_workspace_patch calls. It enforces WorkspacePatchLimits to prevent the fuzzer from consuming excessive system resources during a campaign.
Code Entity Mapping: Workspace Patching
Sources: fuzz/fuzz_targets/workspace_patch_parser.rs#12-19, fuzz/fuzz_targets/workspace_patch_parser.rs#29-40
Process Runner Input Validation
Theprocess_runner_input_parser target exercises the parse_process_runner_tool_input function in palyra-common. This function uses serde_json with #[serde(deny_unknown_fields)] to ensure strict schema adherence for tool execution requests.
Code Entity Mapping: Tool Input Parsing
Sources: fuzz/fuzz_targets/process_runner_input_parser.rs#8-13, crates/palyra-common/src/process_runner_input.rs#5-17, crates/palyra-common/src/process_runner_input.rs#26-31
Build and Execution
The project provides automation for building fuzz targets via theMakefile and justfile.
Building Targets
To compile all fuzz targets and ensure they are compatible with the current workspace:cargo-fuzz and builds the entire suite including config_path_parser, a2ui_json_parser, and webhook_payload_parser.
Sources: Makefile#147-160, justfile#154-167
Running a Campaign
To start a fuzzing campaign for a specific target:cargo fuzz run workspace_patch_parser.
CI/CD Integration
Fuzzing is integrated into the Palyra Security SDLC baseline. The pipeline is configured to:- Compile on PR: Ensure that changes to the codebase do not break the fuzzing harness.
- Nightly Campaigns: Run extended fuzzing sessions to discover deep logic bugs that require millions of iterations.