mineracks/seedhammer-v1-companion
1
0
Fork 0
mirror of https://github.com/mineracks/seedhammer-v1-companion.git synced 2026-06-26 20:51:06 +10:00
Code Issues Actions Packages Projects Releases Wiki Activity
main
seedhammer-v1-companion/engrave
History
mineracks d7dd748fe4 #5 SH1E Pi-side decoder + fuzz harness 
Two pieces required before any real-device release ships:

(1) cmd/sh1e-decode — a Pi-side CLI that validates and pretty-prints
    an SH1E envelope. Reads from stdin, a file, or a hex string
    (`-hex "53 48 31 45 ..."`, spaces/colons/pipes stripped so you
    can paste straight from the composer's hex dump pane).

    Output: ACCEPT line with byte count + fingerprint, then per-block
    summaries (plate type, every text block's font/size/anchor/align/
    rotation/content, every SVG path's anchor/scale/rotation/d-string).
    On rejection: REJECT <TAG>: <error> where TAG is a stable label
    matching the sentinel error name — easy to grep in CI fuzz runs.

    Run it like:
      sh1e-decode some-design.sh1e
      sh1e-decode < piped-stdin
      sh1e-decode -hex "53 48 31 45 01 4f 00 ..."

(2) engrave/wire/sh1e/fuzz_test.go — native Go 1.18+ fuzz harness for
    Decode and a faster envelope-only variant.

    Property: any input must either return a valid Design that
    round-trips through Encode to byte-identical output (canonical
    encoding) OR return a non-nil error. A panic, hang, or
    out-of-memory is a test failure — the Pi controller runs this
    parser on untrusted QR-scanned bytes and a crash there is a
    real-world fault.

    Seed corpus: valid envelopes from the existing tests +
    deliberately corrupted variants (length-field flipped, payload
    byte flipped) + obvious shape attacks (empty, wrong magic, wrong
    version, mostly-FF spam).

    Smoke-tested for 5 seconds → 0 crashes, 933k execs/sec, 60 new
    interesting inputs discovered, 72 corpus entries. Spec calls for
    1 CPU-week before any release ships; CI runs a shorter window
    per merge.

    Run with:
      go test -fuzz=FuzzDecode -fuzztime=10m ./engrave/wire/sh1e
      go test -fuzz=FuzzDecodeEnvelopeOnly -fuzztime=10m ./engrave/wire/sh1e

Plus a CRC-stdlib drift smoke test guarding against a future
dependency swap quietly changing the CRC table.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-28 20:41:34 +10:00
..
testdata/fuzz/FuzzConstantQR Lift composer substrate from upstream v1.3.0 2026-05-28 18:36:40 +10:00
wire #5 SH1E Pi-side decoder + fuzz harness 2026-05-28 20:41:34 +10:00
doc.go Lift composer substrate from upstream v1.3.0 2026-05-28 18:36:40 +10:00
engrave_test.go Lift composer substrate from upstream v1.3.0 2026-05-28 18:36:40 +10:00
engrave.go Lift composer substrate from upstream v1.3.0 2026-05-28 18:36:40 +10:00