From f41d63e0465b0b264c0217cfac2bde4c8ca0cab3 Mon Sep 17 00:00:00 2001 From: Shaobo He Date: Thu, 6 Feb 2025 11:26:32 -0800 Subject: [PATCH 1/2] Adjust targets for RFC 53 Signed-off-by: Shaobo He --- .../fuzz/fuzz_targets/roundtrip-entities.rs | 22 +++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs b/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs index 731b73dc6..511388d92 100644 --- a/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs +++ b/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs @@ -107,14 +107,18 @@ fuzz_target!(|input: FuzzTargetInput| { Extensions::all_available(), TCComputation::EnforceAlreadyComputed, ); - let roundtripped_entities = eparser - .from_json_value(json.clone()) - .expect("Should be able to parse serialized entity JSON"); - // Weaker assertion for schema based parsing because it adds actions from the schema into entities. - for e in input.entities { - let roundtripped_e = roundtripped_entities - .entity(e.uid()) - .expect("Schema-based roundtrip dropped entity"); - assert_eq!(&e, roundtripped_e); + match eparser.from_json_value(json.clone()) { + Ok(roundtripped_entities) => { + // Weaker assertion for schema based parsing because it adds actions from the schema into entities. + for e in input.entities { + let roundtripped_e = roundtripped_entities + .entity(e.uid()) + .expect("Schema-based roundtrip dropped entity"); + assert_eq!(&e, roundtripped_e); + } + } + Err(errs) => { + assert!(matches!(errs, EntitiesError::InvalidEntity(_))); + } } }); From 1191d4bbdc1246e7dfb9745fc62ee27b4f03dd77 Mon Sep 17 00:00:00 2001 From: Shaobo He Date: Fri, 7 Feb 2025 10:06:18 -0800 Subject: [PATCH 2/2] refinement Signed-off-by: Shaobo He --- cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs b/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs index 511388d92..ee81f939a 100644 --- a/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs +++ b/cedar-drt/fuzz/fuzz_targets/roundtrip-entities.rs @@ -21,7 +21,10 @@ use cedar_drt::{ extensions::Extensions, Entities, ValidatorSchema, }; -use cedar_policy::{entities_errors::EntitiesError, entities_json_errors::JsonSerializationError}; +use cedar_policy::{ + conformance_errors::EntitySchemaConformanceError, entities_errors::EntitiesError, + entities_json_errors::JsonSerializationError, +}; use cedar_policy_generators::{ hierarchy::HierarchyGenerator, schema::Schema, settings::ABACSettings, }; @@ -107,6 +110,8 @@ fuzz_target!(|input: FuzzTargetInput| { Extensions::all_available(), TCComputation::EnforceAlreadyComputed, ); + // The entity store generator currently produces entities of enumerated entity types but with invalid EIDs, + // which are rejected by entity validation match eparser.from_json_value(json.clone()) { Ok(roundtripped_entities) => { // Weaker assertion for schema based parsing because it adds actions from the schema into entities. @@ -117,8 +122,12 @@ fuzz_target!(|input: FuzzTargetInput| { assert_eq!(&e, roundtripped_e); } } - Err(errs) => { - assert!(matches!(errs, EntitiesError::InvalidEntity(_))); + Err(err) => { + // The error should only be `InvalidEnumEntity` + assert!(matches!( + err, + EntitiesError::InvalidEntity(EntitySchemaConformanceError::InvalidEnumEntity(_)) + )); } } });