Fuzz qcow2 parser

[kostko]

The qcow2 parser should be fuzzed to ensure it doesn't panic during deserialization. Currently it seems that a malformed header can cause it to panic, for example:

#[test]
fn test_qcow2_parsing() {
    let data = hex::decode("514649fb252525fa494651252525e7e70000000000000069252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525").unwrap();
    let qcow2_hdr = qcow2_rs::meta::Qcow2Header::from_buf(&data[..]); // Panics.
}

Panics with:

thread 'test_qcow2_parsing' panicked at .cargo/registry/src/index.crates.io-1949cf8c6b5b557f/qcow2-rs-0.1.6/src/meta.rs:444:28:
attempt to shift left with overflow

[ming1]

Thanks for the report!

PR #8 is pushed for covering this issue, can you check if it works for you?

Thanks,

[kostko]

The fix for this particular issue looks good to me. I would also recommend adding some fuzzers, e.g. using honggfuzz or similar.

[ming1]

The fix for this particular issue looks good to me. I would also recommend adding some fuzzers, e.g. using honggfuzz or similar.

Good point, but I need to study hongfuzz a bit, then will add hongfuzz based test.

Thanks!