Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(691)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/spdy/fuzzing/hpack_fuzz_util.cc

Issue 1535363003: Switch to standard integer types in net/. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: stddef Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/spdy/fuzzing/hpack_fuzz_util.h ('k') | net/spdy/fuzzing/hpack_fuzz_util_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/spdy/fuzzing/hpack_fuzz_util.h" 5 #include "net/spdy/fuzzing/hpack_fuzz_util.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <cmath> 8 #include <cmath>
9 9
10 #include "base/rand_util.h" 10 #include "base/rand_util.h"
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
110 return std::min(static_cast<size_t>(-std::log(base::RandDouble()) * mean), 110 return std::min(static_cast<size_t>(-std::log(base::RandDouble()) * mean),
111 sanity_bound); 111 sanity_bound);
112 } 112 }
113 113
114 // static 114 // static
115 bool HpackFuzzUtil::NextHeaderBlock(Input* input, 115 bool HpackFuzzUtil::NextHeaderBlock(Input* input,
116 StringPiece* out) { 116 StringPiece* out) {
117 // ClusterFuzz may truncate input files if the fuzzer ran out of allocated 117 // ClusterFuzz may truncate input files if the fuzzer ran out of allocated
118 // disk space. Be tolerant of these. 118 // disk space. Be tolerant of these.
119 CHECK_LE(input->offset, input->input.size()); 119 CHECK_LE(input->offset, input->input.size());
120 if (input->remaining() < sizeof(uint32)) { 120 if (input->remaining() < sizeof(uint32_t)) {
121 return false; 121 return false;
122 } 122 }
123 123
124 size_t length = 124 size_t length =
125 base::NetToHost32(*reinterpret_cast<const uint32*>(input->ptr())); 125 base::NetToHost32(*reinterpret_cast<const uint32_t*>(input->ptr()));
126 input->offset += sizeof(uint32); 126 input->offset += sizeof(uint32_t);
127 127
128 if (input->remaining() < length) { 128 if (input->remaining() < length) {
129 return false; 129 return false;
130 } 130 }
131 *out = StringPiece(input->ptr(), length); 131 *out = StringPiece(input->ptr(), length);
132 input->offset += length; 132 input->offset += length;
133 return true; 133 return true;
134 } 134 }
135 135
136 // static 136 // static
137 string HpackFuzzUtil::HeaderBlockPrefix(size_t block_size) { 137 string HpackFuzzUtil::HeaderBlockPrefix(size_t block_size) {
138 uint32 length = base::HostToNet32(static_cast<uint32>(block_size)); 138 uint32_t length = base::HostToNet32(static_cast<uint32_t>(block_size));
139 return string(reinterpret_cast<char*>(&length), sizeof(uint32)); 139 return string(reinterpret_cast<char*>(&length), sizeof(uint32_t));
140 } 140 }
141 141
142 // static 142 // static
143 void HpackFuzzUtil::InitializeFuzzerContext(FuzzerContext* context) { 143 void HpackFuzzUtil::InitializeFuzzerContext(FuzzerContext* context) {
144 context->first_stage.reset(new HpackDecoder(ObtainHpackHuffmanTable())); 144 context->first_stage.reset(new HpackDecoder(ObtainHpackHuffmanTable()));
145 context->second_stage.reset(new HpackEncoder(ObtainHpackHuffmanTable())); 145 context->second_stage.reset(new HpackEncoder(ObtainHpackHuffmanTable()));
146 context->third_stage.reset(new HpackDecoder(ObtainHpackHuffmanTable())); 146 context->third_stage.reset(new HpackDecoder(ObtainHpackHuffmanTable()));
147 } 147 }
148 148
149 // static 149 // static
(...skipping 19 matching lines...) Expand all
169 second_stage_out.data(), second_stage_out.length())) { 169 second_stage_out.data(), second_stage_out.length())) {
170 return false; 170 return false;
171 } 171 }
172 if (!context->third_stage->HandleControlFrameHeadersComplete(nullptr)) { 172 if (!context->third_stage->HandleControlFrameHeadersComplete(nullptr)) {
173 return false; 173 return false;
174 } 174 }
175 return true; 175 return true;
176 } 176 }
177 177
178 // static 178 // static
179 void HpackFuzzUtil::FlipBits(uint8* buffer, size_t buffer_length, 179 void HpackFuzzUtil::FlipBits(uint8_t* buffer,
180 size_t buffer_length,
180 size_t flip_per_thousand) { 181 size_t flip_per_thousand) {
181 uint64 buffer_bit_length = buffer_length * 8u; 182 uint64_t buffer_bit_length = buffer_length * 8u;
182 uint64 bits_to_flip = flip_per_thousand * (1 + buffer_bit_length / 1024); 183 uint64_t bits_to_flip = flip_per_thousand * (1 + buffer_bit_length / 1024);
183 184
184 // Iteratively identify & flip offsets in the buffer bit-sequence. 185 // Iteratively identify & flip offsets in the buffer bit-sequence.
185 for (uint64 i = 0; i != bits_to_flip; ++i) { 186 for (uint64_t i = 0; i != bits_to_flip; ++i) {
186 uint64 bit_offset = base::RandUint64() % buffer_bit_length; 187 uint64_t bit_offset = base::RandUint64() % buffer_bit_length;
187 buffer[bit_offset / 8u] ^= (1 << (bit_offset % 8u)); 188 buffer[bit_offset / 8u] ^= (1 << (bit_offset % 8u));
188 } 189 }
189 } 190 }
190 191
191 } // namespace net 192 } // namespace net
OLDNEW
« no previous file with comments | « net/spdy/fuzzing/hpack_fuzz_util.h ('k') | net/spdy/fuzzing/hpack_fuzz_util_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698