2 files changed, 72 insertions, 0 deletions

diff --git a/fuzz.go b/fuzz.go
new file mode 100644
index 0000000..e4d0534
--- /dev/null
+++ b/fuzz.go
@@ -0,0 +1,25 @@
+// +build gofuzz
+
+package securecookie
+
+var hashKey = []byte("very-secret12345")
+var blockKey = []byte("a-lot-secret1234")
+var s = New(hashKey, blockKey)
+
+type Cookie struct {
+	B bool
+	I int
+	S string
+}
+
+func Fuzz(data []byte) int {
+	datas := string(data)
+	var c Cookie
+	if err := s.Decode("fuzz", datas, &c); err != nil {
+		return 0
+	}
+	if _, err := s.Encode("fuzz", c); err != nil {
+		panic(err)
+	}
+	return 1
+}
diff --git a/fuzz/gencorpus.go b/fuzz/gencorpus.go
new file mode 100644
index 0000000..368192b
--- /dev/null
+++ b/fuzz/gencorpus.go
@@ -0,0 +1,47 @@
+package main
+
+import (
+	"fmt"
+	"io"
+	"math/rand"
+	"os"
+	"reflect"
+	"testing/quick"
+
+	"github.com/gorilla/securecookie"
+)
+
+var hashKey = []byte("very-secret12345")
+var blockKey = []byte("a-lot-secret1234")
+var s = securecookie.New(hashKey, blockKey)
+
+type Cookie struct {
+	B bool
+	I int
+	S string
+}
+
+func main() {
+	var c Cookie
+	t := reflect.TypeOf(c)
+	rnd := rand.New(rand.NewSource(0))
+	for i := 0; i < 100; i++ {
+		v, ok := quick.Value(t, rnd)
+		if !ok {
+			panic("couldn't generate value")
+		}
+		encoded, err := s.Encode("fuzz", v.Interface())
+		if err != nil {
+			panic(err)
+		}
+		f, err := os.Create(fmt.Sprintf("corpus/%d.sc", i))
+		if err != nil {
+			panic(err)
+		}
+		_, err = io.WriteString(f, encoded)
+		if err != nil {
+			panic(err)
+		}
+		f.Close()
+	}
+}