SRLabs: Introduce Fuzzing Harness (#365)

We use [ziggy](https://github.com/srlabs/ziggy/) to orchestrate fuzzing.
Ziggy uses both AFL++ and Honggfuzz under the hood.

This harness performs "structure aware" fuzzing where the messages are
serialized using bincode/serde, similar to
[arbitrary](https://github.com/rust-fuzz/arbitrary)

Note that I had to update ``cid`` to get the ``serde`` feature support.
Hope this is okay.

Author: R9295

Cargo.lock

@@ -5,14 +5,18 @@ license = "MIT"
 version = "0.9.3"
 edition = "2021"
 
+# cargo-machete does not detect serde_millis usage, so we ignore the warning
+[package.metadata.cargo-machete]
+ignored = ["serde_millis"]
+
 [build-dependencies]
 prost-build = "0.13"
 
 [dependencies]
 async-trait = "0.1.81"
 bs58 = "0.5.1"
 bytes = "1.6.1"
-cid = "0.10.1"
+cid = "0.11.1"
 ed25519-dalek = { version = "2.1.1", features = ["rand_core"] }
 futures = "0.3.27"
 futures-timer = "3.0.3"
@@ -21,14 +25,14 @@ indexmap = { version = "2.7.1", features = ["std"] }
 libc = "0.2.158"
 mockall = "0.13.1"
 multiaddr = "0.17.0"
-multihash = { version = "0.17.0", default-features = false, features = ["std", "multihash-impl", "identity", "sha2"] }
+multihash = { version = "0.17.0", default-features = false, features = ["std", "multihash-impl", "identity", "sha2", "blake2b"] }
 network-interface = "1.1.1"
 parking_lot = "0.12.3"
 pin-project = "1.1.0"
 prost = "0.12.6"
 rand = { version = "0.8.0", features = ["getrandom"] }
 rcgen = "0.10.0"
-serde = "1.0.158"
+serde = { version = "1.0.158" }
 sha2 = "0.10.8"
 simple-dns = "0.9.3"
 smallvec = "1.13.2"
@@ -56,6 +60,7 @@ quinn = { version = "0.9.3", default-features = false, features = ["tls-rustls",
 rustls = { version = "0.20.7", default-features = false, features = ["dangerous_configuration"], optional = true }
 ring = { version = "0.16.20", optional = true }
 webpki = { version = "0.22.4", optional = true }
+serde_millis = {version = "0.1", optional = true}
 
 [dev-dependencies]
 libp2p = { version = "0.51.4", features = [
@@ -78,6 +83,8 @@ tracing-subscriber = { version = "0.3.16", features = ["env-filter"] }
 futures_ringbuf = "0.4.0"
 
 [features]
+fuzz = ["serde/derive", "serde/rc", "bytes/serde", "dep:serde_millis", "cid/serde", "multihash/serde"]
+custom_sc_network = []
 quic = ["dep:webpki", "dep:quinn", "dep:rustls", "dep:ring"]
 webrtc = ["dep:str0m"]
 websocket = ["dep:tokio-tungstenite"]

Cargo.toml

@@ -1,14 +1,21 @@
 fn main() {
-    prost_build::compile_protos(
-        &[
-            "src/schema/keys.proto",
-            "src/schema/noise.proto",
-            "src/schema/webrtc.proto",
-            "src/protocol/libp2p/schema/identify.proto",
-            "src/protocol/libp2p/schema/kademlia.proto",
-            "src/protocol/libp2p/schema/bitswap.proto",
-        ],
-        &["src"],
-    )
-    .unwrap();
+    let mut config = prost_build::Config::new();
+    // Configure Prost to add #[derive(Serialize, Deserialize)] to all generated structs
+    config.type_attribute(
+        ".",
+        "#[cfg_attr(feature = \"fuzz\", derive(serde::Serialize, serde::Deserialize))]",
+    );
+    config
+        .compile_protos(
+            &[
+                "src/schema/keys.proto",
+                "src/schema/noise.proto",
+                "src/schema/webrtc.proto",
+                "src/protocol/libp2p/schema/identify.proto",
+                "src/protocol/libp2p/schema/kademlia.proto",
+                "src/protocol/libp2p/schema/bitswap.proto",
+            ],
+            &["src"],
+        )
+        .unwrap();
 }