OLD | NEW |
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Fuzz testing for EncodedProgram serialized format and assembly. | 5 // Fuzz testing for EncodedProgram serialized format and assembly. |
6 // | 6 // |
7 // We would like some assurance that if an EncodedProgram is malformed we will | 7 // We would like some assurance that if an EncodedProgram is malformed we will |
8 // not crash. The EncodedProgram could be malformed either due to malicious | 8 // not crash. The EncodedProgram could be malformed either due to malicious |
9 // attack to due to an error in patch generation. | 9 // attack to due to an error in patch generation. |
10 // | 10 // |
(...skipping 12 matching lines...)
23 | 23 |
24 #include "testing/gtest/include/gtest/gtest.h" | 24 #include "testing/gtest/include/gtest/gtest.h" |
25 | 25 |
26 class DecodeFuzzTest : public testing::Test { | 26 class DecodeFuzzTest : public testing::Test { |
27 public: | 27 public: |
28 void FuzzExe(const char *) const; | 28 void FuzzExe(const char *) const; |
29 | 29 |
30 private: | 30 private: |
31 virtual void SetUp() { | 31 virtual void SetUp() { |
32 PathService::Get(base::DIR_SOURCE_ROOT, &testdata_dir_); | 32 PathService::Get(base::DIR_SOURCE_ROOT, &testdata_dir_); |
33 testdata_dir_ = testdata_dir_.Append(L"courgette"); | 33 testdata_dir_ = testdata_dir_.AppendASCII("courgette"); |
34 testdata_dir_ = testdata_dir_.Append(L"testdata"); | 34 testdata_dir_ = testdata_dir_.AppendASCII("testdata"); |
35 } | 35 } |
36 | 36 |
37 virtual void TearDown() { } | 37 virtual void TearDown() { } |
38 | 38 |
39 void FuzzByte(const std::string& buffer, const std::string& output, | 39 void FuzzByte(const std::string& buffer, const std::string& output, |
40 size_t index) const; | 40 size_t index) const; |
41 void FuzzBits(const std::string& buffer, const std::string& output, | 41 void FuzzBits(const std::string& buffer, const std::string& output, |
42 size_t index, int bits_to_flip) const; | 42 size_t index, int bits_to_flip) const; |
43 | 43 |
44 // Returns true if could assemble, false if rejected. | 44 // Returns true if could assemble, false if rejected. |
(...skipping 136 matching lines...)
181 if (diff < -200 || diff > 200) { | 181 if (diff < -200 || diff > 200) { |
182 EXPECT_EQ(base_length, modified_length); | 182 EXPECT_EQ(base_length, modified_length); |
183 } | 183 } |
184 | 184 |
185 size_t changed_byte_count = 0; | 185 size_t changed_byte_count = 0; |
186 for (size_t i = 0; i < base_length && i < modified_length; ++i) { | 186 for (size_t i = 0; i < base_length && i < modified_length; ++i) { |
187 changed_byte_count += (base_output[i] != modified_output[i]); | 187 changed_byte_count += (base_output[i] != modified_output[i]); |
188 } | 188 } |
189 | 189 |
190 if (index > 60) { // Beyond the origin addresses ... | 190 if (index > 60) { // Beyond the origin addresses ... |
191 EXPECT_NE(0, changed_byte_count); // ... we expect some difference. | 191 EXPECT_NE(0U, changed_byte_count); // ... we expect some difference. |
192 } | 192 } |
193 // Currently all changes are smaller than this number: | 193 // Currently all changes are smaller than this number: |
194 EXPECT_GE(45000u, changed_byte_count); | 194 EXPECT_GE(45000U, changed_byte_count); |
195 } | 195 } |
196 } | 196 } |
197 | 197 |
198 bool DecodeFuzzTest::TryAssemble(const std::string& buffer, | 198 bool DecodeFuzzTest::TryAssemble(const std::string& buffer, |
199 std::string* output) const { | 199 std::string* output) const { |
200 courgette::EncodedProgram *encoded = NULL; | 200 courgette::EncodedProgram *encoded = NULL; |
201 bool result = false; | 201 bool result = false; |
202 | 202 |
203 courgette::SourceStreamSet sources; | 203 courgette::SourceStreamSet sources; |
204 bool can_get_source_streams = sources.Init(buffer.c_str(), buffer.length()); | 204 bool can_get_source_streams = sources.Init(buffer.c_str(), buffer.length()); |
(...skipping 21 matching lines...)
226 return result; | 226 return result; |
227 } | 227 } |
228 | 228 |
229 TEST_F(DecodeFuzzTest, All) { | 229 TEST_F(DecodeFuzzTest, All) { |
230 FuzzExe("setup1.exe"); | 230 FuzzExe("setup1.exe"); |
231 } | 231 } |
232 | 232 |
233 int main(int argc, char** argv) { | 233 int main(int argc, char** argv) { |
234 return TestSuite(argc, argv).Run(); | 234 return TestSuite(argc, argv).Run(); |
235 } | 235 } |
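Review bot: The result of `PathService::Get` on new line 32 in `SetUp()` is still ignored, directly above the two `AppendASCII` calls this change touches. If the source root cannot be resolved, `testdata_dir_` is presumably left empty and becomes the relative path `courgette/testdata`, so the input that `FuzzExe("setup1.exe")` reads would depend on the current directory. Failing fast with `ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &testdata_dir_));` would stop a robustness test for malformed `EncodedProgram` data from running against the wrong file or none; the body of `FuzzExe` is not visible here, so how it handles a missing file should be checked as well. Separately, the thresholds `60`, `200` and `45000U` around new lines 181-194 look tuned to `setup1.exe`, and a short comment stating where they come from would help whoever adds a second corpus file.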