third_party/WebKit/Source/core/html/parser/TextResourceDecoderFuzzer.cpp - Issue 2250263003: Move FuzzedDataProvider to //base and expose to blink

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/Source/core/html/parser/TextResourceDecoderFuzzer.cpp

Issue 2250263003: Move FuzzedDataProvider to //base and expose to blink (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: move FuzzedDataProvider from platform to platform/testing (trybots previous) Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/Source/core/html/parser/TextResourceDecoder.h ('k') | third_party/WebKit/Source/platform/DEPS » ('j') | third_party/WebKit/Source/platform/testing/FuzzedDataProvider.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "core/html/parser/TextResourceDecoder.h"

	6

	7 #include "platform/testing/FuzzedDataProvider.h"

	8 #include "platform/testing/TestingPlatformSupport.h"

	9 #include "wtf/text/WTFString.h"

	10 #include <algorithm>

	11

	12 namespace blink {

	13

	14 class TextResourceDecoderForFuzzing : public TextResourceDecoder {

	15 public:

	16 TextResourceDecoderForFuzzing(FuzzedDataProvider& fuzzedData)

	17 : TextResourceDecoder(String::fromUTF8(fuzzedData.ConsumeBytesInRange(0, 16)), String::fromUTF8(fuzzedData.ConsumeBytesInRange(0, 16)), FuzzedOption(fuz zedData))
	esprehn 2016/08/17 20:42:13 why 16? why 16? Charlie Harrison 2016/08/17 21:22:14 Pretty arbitrary. I'll fix this up and add comment Show quoted text On 2016/08/17 20:42:13, esprehn wrote: > why 16? Pretty arbitrary. I'll fix this up and add comments. Comments for mimetype say: // Per RFCs 3023 and 2045, an XML MIME type is of the form: // ^[0-9a-zA-Z_\\-+~!$\\^{}\|.%'`#&]+/[0-9a-zA-Z_\\-+~!$\\^{}\|.%'`#&]+\+xml$ that's pretty flexible. Maybe we should give it some more bytes. For charset, we can also get some big ones like "unicode-1-1-utf-8". To be safe, I'm upping these to be in range 0,32.
	18 {

	19 }

	20

	21 private:

	22 static TextResourceDecoder::EncodingDetectionOption FuzzedOption(FuzzedDataP rovider& fuzzedData)

	23 {

	24 // Don't use AlwaysUseUTF8ForText which requires knowing the mimeType

	25 // ahead of time.

	26 return fuzzedData.ConsumeBool() ? UseAllAutoDetection : UseContentAndBOM BasedDetection;

	27 }

	28 };

	29

	30 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)

	31 {

	32 FuzzedDataProvider fuzzedData(data, size);

	33 TextResourceDecoderForFuzzing decoder(fuzzedData);

	34 CString bytes = fuzzedData.ConsumeRemainingBytes();

	35 decoder.decode(bytes.data(), bytes.length());

	36 decoder.flush();

	37 return 0;

	38 }

	39

	40 } // namespace blink

	41

	42 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)

	43 {

	44 return blink::LLVMFuzzerTestOneInput(data, size);

	45 }

	46

	47 extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv)

	48 {

	49 // Intentional leak - no need to do cleanup as explained in

	50 // "Initialization/Cleanup" section of testing/libfuzzer/efficient_fuzzer.md

	51 DEFINE_STATIC_LOCAL(blink::ScopedUnittestsEnvironmentSetup, testSetup, (arg c, argv));

	52 ALLOW_UNUSED_LOCAL(testSetup);

	53

	54 return 0;

	55 }

OLD	NEW