Skip to main content
The Palyra fuzzing harness provides a robust suite of property-based and coverage-guided testing targets designed to identify edge cases, memory safety issues, and logic vulnerabilities in critical parsing and validation logic. Located in the fuzz/ directory, these targets leverage libFuzzer and cargo-fuzz to stress-test the system’s most exposed attack surfaces.

Fuzzing Architecture

The harness is structured to bridge “Natural Language Space” (untrusted input strings/blobs) to “Code Entity Space” (internal Rust structs and state machines). Each target consumes a byte slice from the fuzzer and attempts to drive a specific internal component.

Data Flow: From Raw Bytes to Validated State

The following diagram illustrates the flow of data through a typical fuzzing target in the Palyra workspace. Fuzzing Pipeline Flow Sources: crates/palyra-common/src/workspace_patch.rs#102-138, crates/palyra-common/src/redaction.rs#24-130

Target Catalog

The harness includes nine specialized targets covering the primary ingestion paths of the daemon and CLI.
Target NameComponent TestedPrimary Objective
config_path_parserpalyra-commonPath sanitization and traversal prevention.
a2ui_json_parserpalyra-a2uiValidation of the Agent-to-UI JSON envelope.
webhook_payload_parserpalyra-connectorsSchema enforcement for external webhook triggers.
workspace_patch_parserpalyra-commonapply_workspace_patch hunk and path logic.
process_runner_input_parserpalyra-sandboxCommand-line argument and environment variable parsing.
auth_profile_registry_parserpalyra-authDeserialization of AuthProfileRegistry from disk.
redaction_routinespalyra-commonLeak prevention in redact_url and redact_auth_error.
channel_payload_validationpalyra-connectorsMessage size and capability limit enforcement.
webhook_replay_verifierpalyra-connectorsSignature and timestamp verification logic.

Redaction Routines Fuzzing

The redaction_routines target specifically tests the redaction.rs module. It ensures that no matter the input string, sensitive markers like api_key or bearer tokens are never leaked in plain text when processed by redact_auth_error or redact_url. Code Entity Association: Redaction Sources: crates/palyra-common/src/redaction.rs#5-22, crates/palyra-common/src/redaction.rs#49-60, crates/palyra-common/src/redaction.rs#63-86

Implementation Details

Workspace Patch Fuzzing

The workspace_patch_parser target exercises the apply_workspace_patch function. This is a critical security boundary where the LLM provides diffs to be applied to the local filesystem.

Redaction Logic

The redaction_routines target validates that SENSITIVE_KEY_MARKERS are correctly identified and handled.

Running Campaigns

Prerequisites

To run the fuzzing harness, the following tools must be installed:
  1. Rust Nightly: Required for libFuzzer instrumentation.
  2. cargo-fuzz: Installed via cargo install cargo-fuzz.

Execution Commands

To start a fuzzing campaign for a specific target: 
# Run the redaction routine fuzzer
cargo +nightly fuzz run redaction_routines

# Run the workspace patch parser with 4 parallel jobs
cargo +nightly fuzz run workspace_patch_parser -j 4

Analyzing Crashes

When a fuzzer finds a crashing input, it is saved to fuzz/artifacts/<target>/. These can be replayed for debugging: 
cargo +nightly fuzz run <target> fuzz/artifacts/<target>/crash-<hash>
Sources: crates/palyra-common/Cargo.toml#1-31, crates/palyra-identity/Cargo.toml#1-43