third_party/WebKit/Source/platform/mhtml/MHTMLFuzzer.cpp - Issue 2199493002: libFuzzer for blink::MHTMLParser

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/Source/platform/mhtml/MHTMLFuzzer.cpp

Issue 2199493002: libFuzzer for blink::MHTMLParser (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Don't call base::i18n::InitializeICU during setup of regular unit tests. Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/Source/platform/BUILD.gn ('k') | third_party/WebKit/Source/platform/mhtml/MHTMLParser.cpp » ('j') | third_party/WebKit/Source/platform/mhtml/MHTMLParser.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "platform/SharedBuffer.h"

	6 #include "platform/heap/Handle.h"

	7 #include "platform/mhtml/ArchiveResource.h"

	8 #include "platform/mhtml/MHTMLParser.h"

	9 #include "platform/testing/TestingPlatformSupport.h"

	10 #include "wtf/Assertions.h"

	11 #include "wtf/Compiler.h"

	12 #include <memory>

	13 #include <stddef.h>

	14 #include <stdint.h>

	15

	16 namespace blink {

	17

	18 // Fuzzer for blink::MHTMLParser.

	19 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)

	20 {

	21 MHTMLParser mhtmlParser(SharedBuffer::create(data, size));

	22 HeapVector<Member<ArchiveResource>> mhtmlArchives = mhtmlParser.parseArchive ();

	23 mhtmlArchives.clear();
	esprehn 2016/08/04 04:37:53 why manually clear on stack vectors? why manually clear on stack vectors? Łukasz Anforowicz 2016/08/04 17:37:30 So that the garbage collection forced on the next Show quoted text On 2016/08/04 04:37:53, esprehn wrote: > why manually clear on stack vectors? So that the garbage collection forced on the next line can reclaim memory that has been allocated inside parseArchive method (i.e. the mhtmlArchives vector should be the only "root" for that memory).
	24 ThreadHeap::collectAllGarbage();
	esprehn 2016/08/04 04:37:53 Why do you need to do manual Oilpan GC's? Why do you need to do manual Oilpan GC's? Łukasz Anforowicz 2016/08/04 17:37:30 Because otherwise libFuzzer will report a memory l Show quoted text On 2016/08/04 04:37:53, esprehn wrote: > Why do you need to do manual Oilpan GC's? Because otherwise libFuzzer will report a memory leak (it checks for memory leaks after each LLVMFuzzerTestOneInput invocation AFAICT - without this explicit garbage collection it would keep reporting memory leaks).
	25

	26 return 0;

	27 }

	28

	29 } // namespace blink

	30

	31 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)

	32 {

	33 return blink::LLVMFuzzerTestOneInput(data, size);

	34 }

	35

	36 extern "C" int LLVMFuzzerInitialize(int argc, char **argv)

	37 {

	38 // Intentional leak - no need to do cleanup as explained in

	39 // "Initialization/Cleanup" section of testing/libfuzzer/efficient_fuzzer.md

	40 static blink::ScopedUnittestsEnvironmentSetup testSetup(

	41 argc, argv, blink::ScopedUnittestsEnvironmentSetup::TestType::LibFuzze r);

	42

	43 return 0;

	44 }

OLD	NEW