net/filter/fuzzed_source_stream.cc - Issue 2460633002: Add a fuzzer for GzipSourceStream

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/filter/fuzzed_source_stream.cc

Issue 2460633002: Add a fuzzer for GzipSourceStream (Closed)

Patch Set: Address comments Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/filter/fuzzed_source_stream.cc

diff --git a/net/filter/fuzzed_source_stream.cc b/net/filter/fuzzed_source_stream.cc

new file mode 100644

index 0000000000000000000000000000000000000000..626675d9d650e8d73ae98485da782795cc6d76b9

--- /dev/null

+++ b/net/filter/fuzzed_source_stream.cc

@@ -0,0 +1,88 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "net/filter/fuzzed_source_stream.h"

+#include <algorithm>

+#include "base/test/fuzzed_data_provider.h"

+#include "base/threading/thread_task_runner_handle.h"

+#include "net/base/io_buffer.h"

+#include "net/base/net_errors.h"

+namespace net {

+namespace {

+// Common net error codes that can be returned by a SourceStream.

+const Error kReadErrors[] = {OK, ERR_FAILED, ERR_CONTENT_DECODING_FAILED};

+} // namespace

+FuzzedSourceStream::FuzzedSourceStream(base::FuzzedDataProvider* data_provider)

+ : SourceStream(SourceStream::TYPE_NONE),

+ data_provider_(data_provider),

+ read_pending_(false),

+ end_returned_(false) {}

+FuzzedSourceStream::~FuzzedSourceStream() {

+ DCHECK(!read_pending_);

+int FuzzedSourceStream::Read(IOBuffer* buf,

+ int buf_len,

+ const CompletionCallback& callback) {

+ DCHECK(!read_pending_);

+ DCHECK(!end_returned_);

+ DCHECK_LE(0, buf_len);

+ bool sync = data_provider_->ConsumeBool();

+ int result = data_provider_->ConsumeUint32InRange(0, buf_len);

+ std::string data = data_provider_->ConsumeBytes(result);

+ result = data.size();

+ if (result <= 0)

+ result = data_provider_->PickValueInArray(kReadErrors);

+ if (sync) {

+ if (result > 0) {

+ std::copy(data.data(), data.data() + result, buf->data());

+ } else {

+ end_returned_ = true;

+ }

+ return result;

+ }

+ scoped_refptr<IOBuffer> pending_read_buf = buf;

+ read_pending_ = true;

+ // |this| is owned by the caller so use base::Unretained is safe.

+ base::ThreadTaskRunnerHandle::Get()->PostTask(

+ FROM_HERE,

+ base::Bind(&FuzzedSourceStream::OnReadComplete, base::Unretained(this),

+ callback, data, pending_read_buf, result));

+ return ERR_IO_PENDING;

+std::string FuzzedSourceStream::Description() const {

+ return "";

+void FuzzedSourceStream::OnReadComplete(const CompletionCallback& callback,

+ const std::string& fuzzed_data,

+ scoped_refptr<IOBuffer> read_buf,

+ int result) {

+ DCHECK(read_pending_);

+ if (result > 0) {

+ std::copy(fuzzed_data.data(), fuzzed_data.data() + result,

+ read_buf->data());

+ } else {

+ end_returned_ = true;

+ }

+ read_pending_ = false;

+ callback.Run(result);

+} // namespace net

« no previous file with comments | « net/filter/fuzzed_source_stream.h ('k') | net/filter/gzip_source_stream_fuzzer.cc » ('j') | no next file with comments »