Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(291)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_proxy_client_socket_fuzzer.cc

Issue 1917503002: URLRequest fuzzer. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@fuzz
Patch Set: Update other fuzzers (Lost them in a merge) Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/fuzzed_data_provider.cc ('K') | « net/data/http/http.dict ('k') | net/http/http_stream_parser_fuzzer.cc » ('j') | net/socket/fuzzed_socket.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_proxy_client_socket_fuzzer.cc
diff --git a/net/http/http_proxy_client_socket_fuzzer.cc b/net/http/http_proxy_client_socket_fuzzer.cc
index 2fab8e03d4363196ef3dd4fc04acfaec5ebb8ccc..236af8fdfcb431c5a951b5aada34ca7bc2ef8b0f 100644
--- a/net/http/http_proxy_client_socket_fuzzer.cc
+++ b/net/http/http_proxy_client_socket_fuzzer.cc
@@ -14,6 +14,7 @@
#include "base/strings/utf_string_conversions.h"
#include "net/base/address_list.h"
#include "net/base/auth.h"
+#include "net/base/fuzzed_data_provider.h"
#include "net/base/host_port_pair.h"
#include "net/base/test_completion_callback.h"
#include "net/http/http_auth_cache.h"
@@ -33,19 +34,17 @@
// class for details.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
// Use a test NetLog, to exercise logging code.
- net::BoundTestNetLog bound_test_net_log;
+ net::TestNetLog test_net_log;
+
+ net::FuzzedDataProvider data_provider(data, size);
// Use last byte to determine if the HttpProxyClientSocket should be told the
eroman 2016/04/22 22:07:10 Generalize this comment, or remove it. Where the d
mmenke 2016/04/27 19:53:25 Done.
// underlying socket is HTTPS.
- bool is_https_proxy = 0;
- if (size > 0) {
- is_https_proxy = !(data[size - 1] & 1);
- size--;
- }
+ bool is_https_proxy = !(data_provider.ConsumeBits(8) & 1);
eroman 2016/04/22 22:07:10 Why not "!data_provider.ConsumeBits(1)" ? Are you
mmenke 2016/04/22 22:59:32 My concern is stability - the fuzzer works by modi
mmenke 2016/04/27 19:53:25 I've updated ConsumeBits to always consume an exac
net::TestCompletionCallback callback;
std::unique_ptr<net::FuzzedSocket> fuzzed_socket(
- new net::FuzzedSocket(data, size, bound_test_net_log.bound()));
+ new net::FuzzedSocket(&data_provider, &test_net_log));
CHECK_EQ(net::OK, fuzzed_socket->Connect(callback.callback()));
std::unique_ptr<net::ClientSocketHandle> socket_handle(
« net/base/fuzzed_data_provider.cc ('K') | « net/data/http/http.dict ('k') | net/http/http_stream_parser_fuzzer.cc » ('j') | net/socket/fuzzed_socket.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698