mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 20:51:30 +00:00
shankar0123
a0afa7ab6f
Added Go native fuzz tests (testing/fuzz) for security-critical input validation: 1. FuzzValidateShellCommand in internal/validation/command_fuzz_test.go - Tests shell command validation with injection payloads (;, |, &, $, `, etc.) - Seed corpus includes valid commands and dangerous metacharacters - Ensures function never panics under fuzzing 2. FuzzValidateDomainName in internal/validation/command_fuzz_test.go - Tests RFC 1123 domain validation with wildcard support - Seed corpus includes SQL injection, path traversal, and malformed domains - Ensures function never panics under fuzzing 3. FuzzValidateACMEToken in internal/validation/command_fuzz_test.go - Tests base64url token validation - Seed corpus includes injection payloads and special characters - Ensures function never panics under fuzzing 4. FuzzIsValidRevocationReason in internal/domain/revocation_fuzz_test.go - Tests RFC 5280 revocation reason validation - Seed corpus includes case variations, injection attempts, and null bytes - Ensures function never panics and returns only valid booleans 5. FuzzCRLReasonCode in internal/domain/revocation_fuzz_test.go - Tests CRL reason code mapping - Validates return codes are within 0-9 range - Ensures invalid reasons default to 0 (unspecified) All fuzz tests follow Go 1.18+ testing/fuzz conventions with seed corpus for faster discovery of edge cases. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>