[Hunspell Fuzzer] Restrict fuzzer data to valid UTF8

third_party/hunspell/fuzz/hunspell_fuzzer.cc

Index: third_party/hunspell/fuzz/hunspell_fuzzer.cc
diff --git a/third_party/hunspell/fuzz/hunspell_fuzzer.cc b/third_party/hunspell/fuzz/hunspell_fuzzer.cc
index cf125267e45ed9ec38d212e798ee86887b2a4e7b..df26b8574ef23763271e90137182b3d27bb94339 100644
--- a/third_party/hunspell/fuzz/hunspell_fuzzer.cc
+++ b/third_party/hunspell/fuzz/hunspell_fuzzer.cc
@@ -6,6 +6,8 @@
 #include <stdint.h>
 #include <string>
 
+#include "base/strings/string16.h"
+#include "base/strings/utf_string_conversions.h"
 #include "third_party/hunspell/src/hunspell/hunspell.hxx"
 #include "third_party/hunspell/fuzz/hunspell_fuzzer_hunspell_dictionary.h"
 
@@ -18,11 +20,17 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
                                            sizeof(kHunspellDictionary));
 
   std::string data_string(reinterpret_cast<const char*>(data), size);
+
+  // hunspell is not handling invalid UTF8. To avoid that, do the same thing
+  // Chromium does - convert to UTF16, and back to UTF8. Valid UTF8 guaranteed.

[kcc2, 2016/08/18 21:52:12]

Where is the guarantee that Chromium always does that? 

+  base::string16 utf16_string = base::UTF8ToUTF16(data_string);
+  data_string = base::UTF16ToUTF8(utf16_string);
+
   hunspell->spell(data_string.c_str());
 
   char** suggestions = nullptr;
-  int suggetion_length = hunspell->suggest(&suggestions, data_string.c_str());
-  hunspell->free_list(&suggestions, suggetion_length);
+  int suggestion_length = hunspell->suggest(&suggestions, data_string.c_str());
+  hunspell->free_list(&suggestions, suggestion_length);
 
   return 0;
 }