Add fuzzer for ParseURLHostnameToAddress to //net.

net/base/parse_url_hostname_to_address_fuzzer.cc

Index: net/base/parse_url_hostname_to_address_fuzzer.cc
diff --git a/net/base/parse_url_hostname_to_address_fuzzer.cc b/net/base/parse_url_hostname_to_address_fuzzer.cc
new file mode 100644
index 0000000000000000000000000000000000000000..ff345b3b7ed8589337dd5cbe3a8e6256bcc4d260
--- /dev/null
+++ b/net/base/parse_url_hostname_to_address_fuzzer.cc
@@ -0,0 +1,38 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <functional>
+
+#include "base/values.h"
+#include "net/base/address_list.h"
+#include "net/base/ip_address.h"
+
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  const base::StringPiece hostname(reinterpret_cast<const char*>(data), size);
+  net::IPAddress address;
+
+  if (net::ParseURLHostnameToAddress(hostname, &address)) {
+    // To fuzz port number without spending raw bytes of data, use hash(data).
+    std::size_t data_hash = std::hash<std::string>()(hostname.as_string());
+    uint16_t port = static_cast<uint16_t>(data_hash & 0xFFFF);
+    net::AddressList addresses =
+        net::AddressList::CreateFromIPAddress(address, port);
+
+    base::ListValue endpoints;

[aizatsky, 2016/08/31 18:15:40]

I meant it even like this:

  ...
  for (const auto& endpoint : addresses) {
      endpoint.ToStringWithoutPort();
  }
  return 0;

no need for json at all.

[eroman, 2016/08/31 18:23:50]

+1

Is your concern is that the compiler will be smart enough to optimize away the
inside body of the loop, or do you actually want to test the
ToStringWithoutPort() functionality as well?

If it is just the former, you can add this:

   base::debug::Alias(&addresses);

Which should prevent the compiler from getting too clever.

[eroman, 2016/08/31 18:28:33]

(FWIW I agree that calling ToStringWithPort() is a good idea)

[mmoroz, 2016/09/01 10:46:21]

Ah, sorry for misunderstanding from my side! Looks like ToString() method (which
Mike suggested initially, I guess) does the same as ToStringWithPort() plus adds
the port. I would like to test it as well.

Regarding compiler optimizations, I've checked the binary with IDA and verified
that the loop's body is not removed! 

+    for (const auto& endpoint : addresses) {
+      endpoints.AppendString(endpoint.ToStringWithoutPort());
+    }
+
+    std::string result;
+    for (size_t i = 0; i != endpoints.GetSize(); ++i) {
+      endpoints.GetString(i, &result);
+    }
+  }
+
+  return 0;
+}