Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: testing/libfuzzer/pdf_hint_table_fuzzer.cc

Issue 2477213003: Reland of Unify some code (Closed)
Patch Set: Fix fuzzers. Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « core/fpdfapi/parser/cpdf_parser.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The PDFium Authors. All rights reserved. 1 // Copyright 2016 The PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <cstdint> 5 #include <cstdint>
6 6
7 #include "core/fpdfapi/parser/cpdf_array.h"
7 #include "core/fpdfapi/parser/cpdf_dictionary.h" 8 #include "core/fpdfapi/parser/cpdf_dictionary.h"
8 #include "core/fpdfapi/parser/cpdf_hint_tables.h" 9 #include "core/fpdfapi/parser/cpdf_hint_tables.h"
9 10 #include "core/fpdfapi/parser/cpdf_linearized.h"
10 struct DummyLinearizedDictionary { 11 #include "third_party/base/ptr_util.h"
11 int end_of_first_page_offset;
12 int number_of_pages;
13 int first_page_object_number;
14 int first_page_number;
15 int primary_hint_stream_offset;
16 int primary_hint_stream_length;
17 int shared_hint_table_offset;
18 };
19 12
20 int32_t GetData(const int32_t** data32, const uint8_t** data, size_t* size) { 13 int32_t GetData(const int32_t** data32, const uint8_t** data, size_t* size) {
21 const int32_t* ret = *data32; 14 const int32_t* ret = *data32;
22 ++(*data32); 15 ++(*data32);
23 *data += 4; 16 *data += 4;
24 *size -= 4; 17 *size -= 4;
25 return *ret; 18 return *ret;
26 } 19 }
27 20
28 class HintTableForFuzzing : public CPDF_HintTables { 21 class HintTableForFuzzing : public CPDF_HintTables {
29 public: 22 public:
30 HintTableForFuzzing(DummyLinearizedDictionary* dict, 23 HintTableForFuzzing(CPDF_Linearized* pLinearized,
31 CPDF_Dictionary* linearized_dict) 24 int shared_hint_table_offset)
32 : CPDF_HintTables(nullptr, linearized_dict), dict_(dict) {} 25 : CPDF_HintTables(nullptr, pLinearized),
26 shared_hint_table_offset_(shared_hint_table_offset) {}
33 ~HintTableForFuzzing() {} 27 ~HintTableForFuzzing() {}
34 28
35 void Fuzz(const uint8_t* data, size_t size) { 29 void Fuzz(const uint8_t* data, size_t size) {
36 if (dict_->shared_hint_table_offset <= 0) 30 if (shared_hint_table_offset_ <= 0)
37 return; 31 return;
38 32
39 if (size < static_cast<size_t>(dict_->shared_hint_table_offset)) 33 if (size < static_cast<size_t>(shared_hint_table_offset_))
40 return; 34 return;
41 35
42 CFX_BitStream bs; 36 CFX_BitStream bs;
43 bs.Init(data, size); 37 bs.Init(data, size);
44 if (!ReadPageHintTable(&bs)) 38 if (!ReadPageHintTable(&bs))
45 return; 39 return;
46 ReadSharedObjHintTable(&bs, dict_->shared_hint_table_offset); 40 ReadSharedObjHintTable(&bs, shared_hint_table_offset_);
47 } 41 }
48 42
49 private: 43 private:
50 int GetEndOfFirstPageOffset() const override { 44 int shared_hint_table_offset_;
51 return dict_->end_of_first_page_offset; 45 };
52 }
53 int GetNumberOfPages() const override { return dict_->number_of_pages; }
54 int GetFirstPageObjectNumber() const override {
55 return dict_->first_page_object_number;
56 }
57 int GetFirstPageNumber() const override { return dict_->first_page_number; }
58 int ReadPrimaryHintStreamOffset() const override {
59 return dict_->primary_hint_stream_offset;
60 }
61 int ReadPrimaryHintStreamLength() const override {
62 return dict_->primary_hint_stream_length;
63 }
64 46
65 DummyLinearizedDictionary* const dict_; 47 class FakeLinearized : public CPDF_Linearized {
48 public:
49 explicit FakeLinearized(CPDF_Dictionary* linearized_dict)
50 : CPDF_Linearized(linearized_dict) {}
66 }; 51 };
67 52
68 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 53 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
69 // Need 28 bytes for |dummy_dict|. 54 // Need 28 bytes for |linearized_dict|.
70 // The header section of page offset hint table is 36 bytes. 55 // The header section of page offset hint table is 36 bytes.
71 // The header section of shared object hint table is 24 bytes. 56 // The header section of shared object hint table is 24 bytes.
72 if (size < 28 + 36 + 24) 57 if (size < 28 + 36 + 24)
73 return 0; 58 return 0;
74 59
75 const int32_t* data32 = reinterpret_cast<const int32_t*>(data); 60 const int32_t* data32 = reinterpret_cast<const int32_t*>(data);
76 DummyLinearizedDictionary dummy_dict;
77 dummy_dict.end_of_first_page_offset = GetData(&data32, &data, &size);
78 dummy_dict.number_of_pages = GetData(&data32, &data, &size);
79 dummy_dict.first_page_object_number = GetData(&data32, &data, &size);
80 dummy_dict.first_page_number = GetData(&data32, &data, &size);
81 dummy_dict.primary_hint_stream_offset = GetData(&data32, &data, &size);
82 dummy_dict.primary_hint_stream_length = GetData(&data32, &data, &size);
83 dummy_dict.shared_hint_table_offset = GetData(&data32, &data, &size);
84 61
85 std::unique_ptr<CPDF_Dictionary> dummy_linearized_dict(new CPDF_Dictionary); 62 auto linearized_dict = pdfium::MakeUnique<CPDF_Dictionary>();
63 // Set initial value.
64 linearized_dict->SetBooleanFor("Linearized", true);
65 // Set first page end offset
66 linearized_dict->SetIntegerFor("E", GetData(&data32, &data, &size));
67 // Set page count
68 linearized_dict->SetIntegerFor("N", GetData(&data32, &data, &size));
69 // Set first page obj num
70 linearized_dict->SetIntegerFor("O", GetData(&data32, &data, &size));
71 // Set first page no
72 linearized_dict->SetIntegerFor("P", GetData(&data32, &data, &size));
73
74 auto hint_info = pdfium::MakeUnique<CPDF_Array>();
75 // Add primary hint stream offset
76 hint_info->AddInteger(GetData(&data32, &data, &size));
77 // Add primary hint stream size
78 hint_info->AddInteger(GetData(&data32, &data, &size));
79 // Set hint stream info.
80 linearized_dict->SetFor("H", hint_info.release());
81
82 const int shared_hint_table_offset = GetData(&data32, &data, &size);
83
86 { 84 {
87 HintTableForFuzzing hint_table(&dummy_dict, dummy_linearized_dict.get()); 85 FakeLinearized linearized(linearized_dict.get());
86 HintTableForFuzzing hint_table(&linearized, shared_hint_table_offset);
88 hint_table.Fuzz(data, size); 87 hint_table.Fuzz(data, size);
89 } 88 }
90 return 0; 89 return 0;
91 } 90 }
OLDNEW
« no previous file with comments | « core/fpdfapi/parser/cpdf_parser.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698