Skip to content

Add Undici fuzzing integration#15453

Open
rootvector2 wants to merge 1 commit intogoogle:masterfrom
rootvector2:add-undici-oss-fuzz
Open

Add Undici fuzzing integration#15453
rootvector2 wants to merge 1 commit intogoogle:masterfrom
rootvector2:add-undici-oss-fuzz

Conversation

@rootvector2
Copy link
Copy Markdown
Contributor

@rootvector2 rootvector2 commented May 1, 2026

This adds an initial OSS-Fuzz integration for Undici, the HTTP client used by Node.js.

The integration uses the JavaScript/Jazzer.js OSS-Fuzz setup and adds three fuzz targets covering:

  • Headers, Request, and Response construction and header mutation
  • undici.request with a MockAgent, so fuzzing does not make network calls
  • fetch with FormData and a mocked response path

A couple of notes about the setup:

  • The project is pinned to Undici's v6.x branch for now. Current Undici releases require a newer Node.js runtime than the OSS-Fuzz JavaScript base image provides.
  • Jazzer.js is rebuilt inside the image because the published Linux prebuild currently requires a newer glibc than the OSS-Fuzz base image has. The rebuild is pinned to the same Jazzer.js version installed by npm.
  • primary_contact is set to [email protected], matching the existing Node.js OSS-Fuzz project contact.

I verified this locally with:

DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py build_image --no-pull undici
DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py build_fuzzers --clean --engine libfuzzer --sanitizer none undici
DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py check_build --engine libfuzzer --sanitizer none undici
DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py run_fuzzer --engine libfuzzer --sanitizer none undici fuzz_headers -- -runs=25
DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py run_fuzzer --engine libfuzzer --sanitizer none undici fuzz_request -- -runs=25
DOCKER_DEFAULT_PLATFORM=linux/amd64 python3 infra/helper.py run_fuzzer --engine libfuzzer --sanitizer none undici fuzz_fetch_formdata -- -runs=25

@rootvector2 rootvector2 mentioned this pull request May 1, 2026
Open
@rootvector2
Copy link
Copy Markdown
Contributor Author

rootvector2 commented May 1, 2026

I also opened an upstream Undici issue asking maintainers to confirm the OSS-Fuzz contact and leave an LGTM if the integration looks good from their side: nodejs/undici#5154

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 1, 2026

rootvector2 is integrating a new project:
- Main repo: https://github.com/nodejs/undici.git
- Criticality score: 0.65204

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rootvector2