Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1137)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/dns/host_resolver_impl_fuzzer.cc

Issue 2250263003: Move FuzzedDataProvider to //base and expose to blink (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: ... also remove PLATFORM_EXPORT Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/dns/fuzzed_host_resolver.cc ('k') | net/http/http_proxy_client_socket_fuzzer.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stddef.h> 5 #include <stddef.h>
6 #include <stdint.h> 6 #include <stdint.h>
7 7
8 #include <memory> 8 #include <memory>
9 #include <vector> 9 #include <vector>
10 10
11 #include "base/bind.h" 11 #include "base/bind.h"
12 #include "base/logging.h" 12 #include "base/logging.h"
13 #include "base/run_loop.h" 13 #include "base/run_loop.h"
14 #include "base/test/fuzzed_data_provider.h"
14 #include "net/base/address_family.h" 15 #include "net/base/address_family.h"
15 #include "net/base/address_list.h" 16 #include "net/base/address_list.h"
16 #include "net/base/fuzzed_data_provider.h"
17 #include "net/base/net_errors.h" 17 #include "net/base/net_errors.h"
18 #include "net/base/request_priority.h" 18 #include "net/base/request_priority.h"
19 #include "net/dns/fuzzed_host_resolver.h" 19 #include "net/dns/fuzzed_host_resolver.h"
20 #include "net/dns/host_resolver.h" 20 #include "net/dns/host_resolver.h"
21 #include "net/log/test_net_log.h" 21 #include "net/log/test_net_log.h"
22 22
23 namespace { 23 namespace {
24 24
25 const char* kHostNames[] = {"foo", "foo.com", "a.foo.com", 25 const char* kHostNames[] = {"foo", "foo.com", "a.foo.com",
26 "bar", "localhost", "localhost6"}; 26 "bar", "localhost", "localhost6"};
27 27
28 net::AddressFamily kAddressFamilies[] = { 28 net::AddressFamily kAddressFamilies[] = {
29 net::ADDRESS_FAMILY_UNSPECIFIED, net::ADDRESS_FAMILY_IPV4, 29 net::ADDRESS_FAMILY_UNSPECIFIED, net::ADDRESS_FAMILY_IPV4,
30 net::ADDRESS_FAMILY_IPV6, 30 net::ADDRESS_FAMILY_IPV6,
31 }; 31 };
32 32
33 class DnsRequest { 33 class DnsRequest {
34 public: 34 public:
35 DnsRequest(net::HostResolver* host_resolver, 35 DnsRequest(net::HostResolver* host_resolver,
36 net::FuzzedDataProvider* data_provider, 36 base::FuzzedDataProvider* data_provider,
37 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) 37 std::vector<std::unique_ptr<DnsRequest>>* dns_requests)
38 : host_resolver_(host_resolver), 38 : host_resolver_(host_resolver),
39 data_provider_(data_provider), 39 data_provider_(data_provider),
40 dns_requests_(dns_requests), 40 dns_requests_(dns_requests),
41 is_running_(false) {} 41 is_running_(false) {}
42 42
43 ~DnsRequest() {} 43 ~DnsRequest() {}
44 44
45 // Creates and starts a DNS request using fuzzed parameters. If the request 45 // Creates and starts a DNS request using fuzzed parameters. If the request
46 // doesn't complete synchronously, adds it to |dns_requests|. 46 // doesn't complete synchronously, adds it to |dns_requests|.
47 static void CreateRequest( 47 static void CreateRequest(
48 net::HostResolver* host_resolver, 48 net::HostResolver* host_resolver,
49 net::FuzzedDataProvider* data_provider, 49 base::FuzzedDataProvider* data_provider,
50 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) { 50 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) {
51 std::unique_ptr<DnsRequest> dns_request( 51 std::unique_ptr<DnsRequest> dns_request(
52 new DnsRequest(host_resolver, data_provider, dns_requests)); 52 new DnsRequest(host_resolver, data_provider, dns_requests));
53 53
54 if (dns_request->Start() == net::ERR_IO_PENDING) 54 if (dns_request->Start() == net::ERR_IO_PENDING)
55 dns_requests->push_back(std::move(dns_request)); 55 dns_requests->push_back(std::move(dns_request));
56 } 56 }
57 57
58 // If |dns_requests| is non-empty, waits for a randomly chosen one of the 58 // If |dns_requests| is non-empty, waits for a randomly chosen one of the
59 // requests to complete and removes it from |dns_requests|. 59 // requests to complete and removes it from |dns_requests|.
60 static void WaitForRequestComplete( 60 static void WaitForRequestComplete(
61 net::FuzzedDataProvider* data_provider, 61 base::FuzzedDataProvider* data_provider,
62 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) { 62 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) {
63 if (dns_requests->empty()) 63 if (dns_requests->empty())
64 return; 64 return;
65 uint32_t index = 65 uint32_t index =
66 data_provider->ConsumeUint32InRange(0, dns_requests->size() - 1); 66 data_provider->ConsumeUint32InRange(0, dns_requests->size() - 1);
67 67
68 // Remove the request from the list before waiting on it - this prevents one 68 // Remove the request from the list before waiting on it - this prevents one
69 // of the other callbacks from deleting the callback being waited on. 69 // of the other callbacks from deleting the callback being waited on.
70 std::unique_ptr<DnsRequest> request = std::move((*dns_requests)[index]); 70 std::unique_ptr<DnsRequest> request = std::move((*dns_requests)[index]);
71 dns_requests->erase(dns_requests->begin() + index); 71 dns_requests->erase(dns_requests->begin() + index);
72 request->WaitUntilDone(); 72 request->WaitUntilDone();
73 } 73 }
74 74
75 // If |dns_requests| is non-empty, attempts to cancel a randomly chosen one of 75 // If |dns_requests| is non-empty, attempts to cancel a randomly chosen one of
76 // them and removes it from |dns_requests|. If the one it picks is already 76 // them and removes it from |dns_requests|. If the one it picks is already
77 // complete, just removes it from the list. 77 // complete, just removes it from the list.
78 static void CancelRequest( 78 static void CancelRequest(
79 net::HostResolver* host_resolver, 79 net::HostResolver* host_resolver,
80 net::FuzzedDataProvider* data_provider, 80 base::FuzzedDataProvider* data_provider,
81 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) { 81 std::vector<std::unique_ptr<DnsRequest>>* dns_requests) {
82 if (dns_requests->empty()) 82 if (dns_requests->empty())
83 return; 83 return;
84 uint32_t index = 84 uint32_t index =
85 data_provider->ConsumeUint32InRange(0, dns_requests->size() - 1); 85 data_provider->ConsumeUint32InRange(0, dns_requests->size() - 1);
86 auto request = dns_requests->begin() + index; 86 auto request = dns_requests->begin() + index;
87 (*request)->Cancel(); 87 (*request)->Cancel();
88 dns_requests->erase(request); 88 dns_requests->erase(request);
89 } 89 }
90 90
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 } 167 }
168 } 168 }
169 169
170 // Cancel the request, if not already completed. Otherwise, does nothing. 170 // Cancel the request, if not already completed. Otherwise, does nothing.
171 void Cancel() { 171 void Cancel() {
172 request_.reset(); 172 request_.reset();
173 is_running_ = false; 173 is_running_ = false;
174 } 174 }
175 175
176 net::HostResolver* host_resolver_; 176 net::HostResolver* host_resolver_;
177 net::FuzzedDataProvider* data_provider_; 177 base::FuzzedDataProvider* data_provider_;
178 std::vector<std::unique_ptr<DnsRequest>>* dns_requests_; 178 std::vector<std::unique_ptr<DnsRequest>>* dns_requests_;
179 179
180 std::unique_ptr<net::HostResolver::Request> request_; 180 std::unique_ptr<net::HostResolver::Request> request_;
181 net::AddressList address_list_; 181 net::AddressList address_list_;
182 182
183 bool is_running_; 183 bool is_running_;
184 184
185 std::unique_ptr<base::RunLoop> run_loop_; 185 std::unique_ptr<base::RunLoop> run_loop_;
186 186
187 DISALLOW_COPY_AND_ASSIGN(DnsRequest); 187 DISALLOW_COPY_AND_ASSIGN(DnsRequest);
188 }; 188 };
189 189
190 } // namespace 190 } // namespace
191 191
192 // Fuzzer for HostResolverImpl. Fuzzes using both the system resolver and 192 // Fuzzer for HostResolverImpl. Fuzzes using both the system resolver and
193 // built-in DNS client paths. 193 // built-in DNS client paths.
194 // 194 //
195 // TODO(mmenke): Add coverage for things this does not cover: 195 // TODO(mmenke): Add coverage for things this does not cover:
196 // * Out of order completion, particularly for the platform resolver path. 196 // * Out of order completion, particularly for the platform resolver path.
197 // * Simulate network changes, including both enabling and disabling the 197 // * Simulate network changes, including both enabling and disabling the
198 // async resolver while lookups are active as a result of the change. 198 // async resolver while lookups are active as a result of the change.
199 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 199 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
200 { 200 {
201 net::FuzzedDataProvider data_provider(data, size); 201 base::FuzzedDataProvider data_provider(data, size);
202 net::TestNetLog net_log; 202 net::TestNetLog net_log;
203 203
204 net::HostResolver::Options options; 204 net::HostResolver::Options options;
205 options.max_concurrent_resolves = data_provider.ConsumeUint32InRange(1, 8); 205 options.max_concurrent_resolves = data_provider.ConsumeUint32InRange(1, 8);
206 options.enable_caching = data_provider.ConsumeBool(); 206 options.enable_caching = data_provider.ConsumeBool();
207 net::FuzzedHostResolver host_resolver(options, &net_log, &data_provider); 207 net::FuzzedHostResolver host_resolver(options, &net_log, &data_provider);
208 host_resolver.SetDnsClientEnabled(data_provider.ConsumeBool()); 208 host_resolver.SetDnsClientEnabled(data_provider.ConsumeBool());
209 209
210 std::vector<std::unique_ptr<DnsRequest>> dns_requests; 210 std::vector<std::unique_ptr<DnsRequest>> dns_requests;
211 while (true) { 211 while (true) {
(...skipping 14 matching lines...) Expand all
226 break; 226 break;
227 } 227 }
228 } 228 }
229 } 229 }
230 230
231 // Clean up any pending tasks, after deleting everything. 231 // Clean up any pending tasks, after deleting everything.
232 base::RunLoop().RunUntilIdle(); 232 base::RunLoop().RunUntilIdle();
233 233
234 return 0; 234 return 0;
235 } 235 }
OLDNEW
« no previous file with comments | « net/dns/fuzzed_host_resolver.cc ('k') | net/http/http_proxy_client_socket_fuzzer.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698