| Index: net/websockets/websocket_frame_parser_fuzzer.cc
|
| diff --git a/net/websockets/websocket_frame_parser_fuzzer.cc b/net/websockets/websocket_frame_parser_fuzzer.cc
|
| index 6e4b1f39ee3b9be40597f6e2d281c763422a3242..562941dfdad1c0787f08a5627f00907e0cc92072 100644
|
| --- a/net/websockets/websocket_frame_parser_fuzzer.cc
|
| +++ b/net/websockets/websocket_frame_parser_fuzzer.cc
|
| @@ -7,13 +7,18 @@
|
|
|
| #include <vector>
|
|
|
| +#include "base/test/fuzzed_data_provider.h"
|
| #include "net/websockets/websocket_frame_parser.h"
|
|
|
| // Entry point for LibFuzzer.
|
| extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
| + base::FuzzedDataProvider fuzzed_data_provider(data, size);
|
| net::WebSocketFrameParser parser;
|
| std::vector<std::unique_ptr<net::WebSocketFrameChunk>> frame_chunks;
|
| - parser.Decode(reinterpret_cast<const char*>(data), size, &frame_chunks);
|
| -
|
| + while (fuzzed_data_provider.remaining_bytes() > 0) {
|
| + size_t chunk_size = fuzzed_data_provider.ConsumeUint32InRange(1, 32);
|
| + base::StringPiece chunk = fuzzed_data_provider.ConsumeBytes(chunk_size);
|
| + parser.Decode(chunk.data(), chunk.size(), &frame_chunks);
|
| + }
|
| return 0;
|
| }
|
|
|
Chromium Code Reviews
Issue 2309723002:
Support split chunk input for WebSocketFrameParser fuzzer (Closed)
