From c30cc000754ff6fa729d1c5b0399018a10e30a1d Mon Sep 17 00:00:00 2001
From: Arjun Singh <ajsinghyadav00@gmail.com>
Date: Fri, 21 Jul 2023 13:38:53 +0530
Subject: [PATCH 1/2] [Fuzzing] Add fuzz testing

Signed-off-by: Arjun Singh <ajsinghyadav00@gmail.com>
---
 Makefile     |  6 ++++++
 fuzz_test.go | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 fuzz_test.go

diff --git a/Makefile b/Makefile
index c4966472..da49f5cc 100644
--- a/Makefile
+++ b/Makefile
@@ -55,6 +55,12 @@ test:
 quicktest:
 	go test ./...
 
+fuzz:
+	go test -fuzz=FuzzParseDN				-fuzztime=600s .
+	go test -fuzz=FuzzDecodeEscapedSymbols	-fuzztime=600s .
+	go test -fuzz=FuzzEscapeFilter 			-fuzztime=600s .
+	go test -fuzz=FuzzEscapeDN 				-fuzztime=600s .
+
 # Capture output and force failure when there is non-empty output
 fmt:
 	@echo gofmt -l .
diff --git a/fuzz_test.go b/fuzz_test.go
new file mode 100644
index 00000000..c65c2d66
--- /dev/null
+++ b/fuzz_test.go
@@ -0,0 +1,57 @@
+//go:build go1.18
+// +build go1.18
+
+package ldap
+
+import "testing"
+
+func FuzzParseDN(f *testing.F) {
+
+	f.Add("*")
+	f.Add("cn=Jim\\0Test")
+	f.Add("cn=Jim\\0")
+	f.Add("DC=example,=net")
+	f.Add("o=a+o=B")
+
+	f.Fuzz(func(t *testing.T, input_data string) {
+		_, _ = ParseDN(input_data)
+	})
+}
+
+func FuzzDecodeEscapedSymbols(f *testing.F) {
+
+	f.Add([]byte("a\u0100\x80"))
+	f.Add([]byte(`start\d`))
+	f.Add([]byte(`\`))
+	f.Add([]byte(`start\--end`))
+	f.Add([]byte(`start\d0\hh`))
+
+	f.Fuzz(func(t *testing.T, input_data []byte) {
+		_, _ = decodeEscapedSymbols(input_data)
+	})
+}
+
+func FuzzEscapeFilter(f *testing.F) {
+
+	f.Add("a\x00b(c)d*e\\f")
+	f.Add("Lučić")
+
+	f.Fuzz(func(t *testing.T, input_data string) {
+		_ = EscapeFilter(input_data)
+	})
+}
+
+func FuzzEscapeDN(f *testing.F) {
+
+	f.Add("test,user")
+	f.Add("#test#user#")
+	f.Add("\\test\\user\\")
+	f.Add("  test user  ")
+	f.Add("\u0000te\x00st\x00user" + string(rune(0)))
+	f.Add("test\"+,;<>\\-_user")
+	f.Add("test\u0391user ")
+
+	f.Fuzz(func(t *testing.T, input_data string) {
+		_ = EscapeDN(input_data)
+	})
+}

From deff336daa52820d63d4c19d276f918d0f473b19 Mon Sep 17 00:00:00 2001
From: Arjun Singh <ajsinghyadav00@gmail.com>
Date: Tue, 1 Aug 2023 12:18:41 +0530
Subject: [PATCH 2/2] [Fuzzing]  remove FuzzEscapeFilter

Signed-off-by: Arjun Singh <ajsinghyadav00@gmail.com>
---
 Makefile     |  1 -
 fuzz_test.go | 10 ----------
 2 files changed, 11 deletions(-)

diff --git a/Makefile b/Makefile
index da49f5cc..0a414a0e 100644
--- a/Makefile
+++ b/Makefile
@@ -58,7 +58,6 @@ quicktest:
 fuzz:
 	go test -fuzz=FuzzParseDN				-fuzztime=600s .
 	go test -fuzz=FuzzDecodeEscapedSymbols	-fuzztime=600s .
-	go test -fuzz=FuzzEscapeFilter 			-fuzztime=600s .
 	go test -fuzz=FuzzEscapeDN 				-fuzztime=600s .
 
 # Capture output and force failure when there is non-empty output
diff --git a/fuzz_test.go b/fuzz_test.go
index c65c2d66..eeee720d 100644
--- a/fuzz_test.go
+++ b/fuzz_test.go
@@ -31,16 +31,6 @@ func FuzzDecodeEscapedSymbols(f *testing.F) {
 	})
 }
 
-func FuzzEscapeFilter(f *testing.F) {
-
-	f.Add("a\x00b(c)d*e\\f")
-	f.Add("Lučić")
-
-	f.Fuzz(func(t *testing.T, input_data string) {
-		_ = EscapeFilter(input_data)
-	})
-}
-
 func FuzzEscapeDN(f *testing.F) {
 
 	f.Add("test,user")