Fix fuzz harness panic on malformed options input #18179

Merged: pelikhan merged 4 commits into main from copilot/fix-fuzz-job-harness-panic on Feb 24, 2026

Copilot AI commented Feb 24, 2026

The FuzzParseInputDefinition harness panicked before reaching the parser when given truncated options input like {"options":[" ]. The options-parsing loop extracted a single " character, which passed the HasPrefix/HasSuffix quote check but caused part[1:len(part)-1] → part[1:0] to panic with "slice bounds out of range".

Changes

  • pkg/workflow/workflow_dispatch_inputs_fuzz_test.go
    • Guard the quote-strip slice with len(part) >= 2 before applying HasPrefix/HasSuffix:
      if len(part) >= 2 && strings.HasPrefix(part, `"`) && strings.HasSuffix(part, `"`) {
          options = append(options, part[1:len(part)-1])
      }
    • Add {"options":[" ] to the seed corpus to prevent regression

Original prompt

This section details on the original issue you should resolve

<issue_title>[CI Failure Doctor] Fuzz job harness panics on malformed options</issue_title>
<issue_description>### CI Failure Investigation - Run github/gh-aw#37724

Summary

The fuzz job crashed because the FuzzParseInputDefinition harness splits option tokens and slices them without checking their length, causing a panic on truncated input before the parser ever runs.

Failure Details

Root Cause Analysis

The harness extracts options values by splitting the string between [ and ] and then slicing each quoted token with part[1:len(part)-1] when it sees matching quotes. A malformed fuzz input like {"options":[" ] produces a token too short (no closing quote), so the slice bounds become len(part)-1 < 1 and Go panics with "slice bounds out of range" before ParseInputDefinition ever executes. The failure is therefore a harness bug rather than a parser regression.

Failed Jobs and Errors

  • fuzz: ParseInputDefinition panicked on input: "{\"options\":[\" ]", panic: runtime error: slice bounds out of range [1:0]

Investigation Findings

  1. The crash occurs while manually parsing the fuzz corpus string; the parser is never invoked with a usable config when the options extraction sees a truncated value.
  2. Guarding the slice with len(part) >= 2 avoids the panic while allowing the rest of the harness to keep running.
  3. The guarded harness compiles and should stabilize the fuzz job going forward.

Recommended Actions

  • Merge the guard for options parsing so the fuzz harness verifies len(part) >= 2 before slicing quoted tokens.
  • Re-run the fuzz job to confirm the panic no longer occurs.

Prevention Strategies

Add defensive bounds checks around all manual substring operations in fuzz harnesses (e.g., ensure quoted tokens have at least two characters before slicing) so malformed inputs do not crash the harness.

AI Team Self-Improvement

When crafting fuzz harness parsers, always check string length before slicing quoted tokens to prevent Go panics even if the generated input is truncated.

Historical Context

No recent recordings of this exact panic were found in the investigation cache.

🩺 Diagnosis provided by CI Failure Doctor

To install this workflow, run gh aw add githubnext/agentics/workflows/ci-doctor.md@ea350161ad5dcc9624cf510f134c6a9e39a6f94d. View source at https://github.com/githubnext/agentics/tree/ea350161ad5dcc9624cf510f134c6a9e39a6f94d/workflows/ci-doctor.md.

  • expires on Feb 25, 2026, 3:39 PM UTC

Comments on the Issue (you are @copilot in this section)
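
The failure and the guard described above, as an added Go example that is not the project's harness code. The names optionTokens and extractOptions are hypothetical, the extraction loop is reconstructed from the description, and recover turns the panic into an error so both variants can be compared on the crashing input.

```go
package main

import (
	"fmt"
	"strings"
)

// optionTokens returns the trimmed comma-separated tokens between '[' and ']'.
func optionTokens(input string) []string {
	start := strings.Index(input, "[")
	if start < 0 {
		return nil
	}
	end := strings.Index(input[start:], "]")
	if end < 0 {
		return nil
	}
	var tokens []string
	for _, part := range strings.Split(input[start+1:start+end], ",") {
		tokens = append(tokens, strings.TrimSpace(part))
	}
	return tokens
}

// extractOptions strips quotes from each token; guard=false is the unguarded form.
func extractOptions(input string, guard bool) (options []string, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("harness panic: %v", r)
		}
	}()
	for _, part := range optionTokens(input) {
		// A lone `"` is both prefix and suffix, so the guard requires
		// len(part) >= 2 before slicing off the quotes.
		if (!guard || len(part) >= 2) && strings.HasPrefix(part, `"`) && strings.HasSuffix(part, `"`) {
			options = append(options, part[1:len(part)-1])
		}
	}
	return options, err
}

func main() {
	// Constructed inputs: the crasher from the issue and one well-formed list.
	for _, in := range []string{`{"options":[" ]`, `{"options":["a", "b"]}`} {
		for _, guard := range []bool{false, true} {
			opts, err := extractOptions(in, guard)
			fmt.Printf("%q guard=%v options=%q err=%v\n", in, guard, opts, err)
		}
	}
}
```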


Copilot AI and others added 2 commits February 24, 2026 16:17
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…sing to prevent slice bounds panic

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix fuzz job harness panic on malformed options" to "Fix fuzz harness panic on malformed options input" Feb 24, 2026
pelikhan marked this pull request as ready for review February 24, 2026 16:22
Copilot AI review requested due to automatic review settings February 24, 2026 16:22
pelikhan merged commit db8724d into main Feb 24, 2026
1 check passed
pelikhan deleted the copilot/fix-fuzz-job-harness-panic branch February 24, 2026 16:22
Copilot AI left a comment

Pull request overview

This PR fixes a panic in the FuzzParseInputDefinition harness that occurred when processing malformed options input. The harness was attempting to strip quotes from option values without first verifying the string was long enough, causing a "slice bounds out of range" panic on truncated inputs like {"options":[" ].

Changes:

  • Added a length guard (len(part) >= 2) before stripping quotes from option tokens
  • Added a regression test case to the seed corpus with the malformed input that triggered the original panic

Development

Successfully merging this pull request may close these issues.

[CI Failure Doctor] Fuzz job harness panics on malformed options
