testing/libfuzzer/pdf_cfx_saxreader_fuzzer.cc - Issue 2070103002: Add CFX_SAXReader fuzzer

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: testing/libfuzzer/pdf_cfx_saxreader_fuzzer.cc

Issue 2070103002: Add CFX_SAXReader fuzzer (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master

Patch Set: Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The PDFium Authors. All rights reserved.	1 // Copyright 2016 The PDFium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <memory>	5 #include <memory>

6	6

7 #include "core/fxcrt/include/fx_string.h"	7 #include "xfa/fde/xml/cfx_saxreader.h"

8 #include "xfa/fde/css/fde_css.h"

9 #include "xfa/fde/css/fde_csssyntax.h"

10 #include "xfa/fgas/crt/fgas_stream.h"	8 #include "xfa/fgas/crt/fgas_stream.h"

11 #include "xfa/fxfa/parser/xfa_utils.h"	9 #include "xfa/fxfa/parser/xfa_utils.h"

12	10

13 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {	11 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {

14 CFDE_CSSSyntaxParser parser;

15

16 CFX_WideString input = CFX_WideString::FromUTF8(	12 CFX_WideString input = CFX_WideString::FromUTF8(

17 CFX_ByteStringC(data, static_cast<FX_STRSIZE>(size)));	13 CFX_ByteStringC(data, static_cast<FX_STRSIZE>(size)));

18 std::unique_ptr<IFX_Stream, ReleaseDeleter<IFX_Stream>> stream(	14 std::unique_ptr<IFX_Stream, ReleaseDeleter<IFX_Stream>> stream(

19 XFA_CreateWideTextRead(input));	15 XFA_CreateWideTextRead(input));

20 if (!stream)	16 if (!stream)

21 return 0;	17 return 0;

22	18

23 parser.Init(stream.get(), 1024);	19 std::unique_ptr<IFX_FileRead, ReleaseDeleter<IFX_FileRead>> fileRead(

	20 FX_CreateFileRead(stream.get(), false));

	21 if (!fileRead)

	22 return 0;

24	23

25 FDE_CSSSYNTAXSTATUS status = parser.DoSyntaxParse();	24 CFX_SAXReader reader;

26 while (status != FDE_CSSSYNTAXSTATUS_Error &&	25 if (reader.StartParse(fileRead.get(), 0, -1, CFX_SaxParseMode_NotSkipSpace) <

27 status != FDE_CSSSYNTAXSTATUS_EOS)	26 0) {

28 status = parser.DoSyntaxParse();	27 return 0;

	28 }

	29

	30 while (1) {
	dsinclair 2016/06/15 17:54:32 Will clusterfuzz time this out if it goes bonkers? Will clusterfuzz time this out if it goes bonkers? Oliver Chang 2016/06/15 22:43:44 Yeah, the libFuzzer driver also handles timeouts. Show quoted text On 2016/06/15 17:54:32, dsinclair wrote: > Will clusterfuzz time this out if it goes bonkers? Yeah, the libFuzzer driver also handles timeouts.
	31 int32_t ret = reader.ContinueParse(nullptr);

	32 if (ret < 0 \|\| ret > 99)

	33 break;

	34 }

29	35

30 return 0;	36 return 0;

31 }	37 }

OLD	NEW

« no previous file with comments | « testing/libfuzzer/fuzzers.gyp ('k') | no next file » | no next file with comments »