| OLD | NEW |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <iostream> | 5 #include <iostream> |
| 6 #include <set> | 6 #include <set> |
| 7 #include <string> | 7 #include <string> |
| 8 #include <tuple> | 8 #include <tuple> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 486 matching lines...) |
| 497 static bool Fuzz(base::ListValue* p, Fuzzer* fuzzer) { | 497 static bool Fuzz(base::ListValue* p, Fuzzer* fuzzer) { |
| 498 // TODO(mbarbella): Support mutation. | 498 // TODO(mbarbella): Support mutation. |
| 499 if (!fuzzer->ShouldGenerate()) | 499 if (!fuzzer->ShouldGenerate()) |
| 500 return true; | 500 return true; |
| 501 | 501 |
| 502 ++g_depth; | 502 ++g_depth; |
| 503 size_t list_length = p->GetSize(); | 503 size_t list_length = p->GetSize(); |
| 504 if (fuzzer->ShouldGenerate()) | 504 if (fuzzer->ShouldGenerate()) |
| 505 list_length = g_depth > 3 ? 0 : RandInRange(8); | 505 list_length = g_depth > 3 ? 0 : RandInRange(8); |
| 506 for (size_t index = 0; index < list_length; ++index) { | 506 for (size_t index = 0; index < list_length; ++index) { |
| 507 switch (RandInRange(8)) { | 507 switch (static_cast<base::Value::Type>(RandInRange(8))) { |
| 508 case base::Value::TYPE_BOOLEAN: { | 508 case base::Value::Type::BOOLEAN: { |
| 509 bool tmp; | 509 bool tmp; |
| 510 p->GetBoolean(index, &tmp); | 510 p->GetBoolean(index, &tmp); |
| 511 fuzzer->FuzzBool(&tmp); | 511 fuzzer->FuzzBool(&tmp); |
| 512 p->Set(index, new base::FundamentalValue(tmp)); | 512 p->Set(index, new base::FundamentalValue(tmp)); |
| 513 break; | 513 break; |
| 514 } | 514 } |
| 515 case base::Value::TYPE_INTEGER: { | 515 case base::Value::Type::INTEGER: { |
| 516 int tmp; | 516 int tmp; |
| 517 p->GetInteger(index, &tmp); | 517 p->GetInteger(index, &tmp); |
| 518 fuzzer->FuzzInt(&tmp); | 518 fuzzer->FuzzInt(&tmp); |
| 519 p->Set(index, new base::FundamentalValue(tmp)); | 519 p->Set(index, new base::FundamentalValue(tmp)); |
| 520 break; | 520 break; |
| 521 } | 521 } |
| 522 case base::Value::TYPE_DOUBLE: { | 522 case base::Value::Type::DOUBLE: { |
| 523 double tmp; | 523 double tmp; |
| 524 p->GetDouble(index, &tmp); | 524 p->GetDouble(index, &tmp); |
| 525 fuzzer->FuzzDouble(&tmp); | 525 fuzzer->FuzzDouble(&tmp); |
| 526 p->Set(index, new base::FundamentalValue(tmp)); | 526 p->Set(index, new base::FundamentalValue(tmp)); |
| 527 break; | 527 break; |
| 528 } | 528 } |
| 529 case base::Value::TYPE_STRING: { | 529 case base::Value::Type::STRING: { |
| 530 std::string tmp; | 530 std::string tmp; |
| 531 p->GetString(index, &tmp); | 531 p->GetString(index, &tmp); |
| 532 fuzzer->FuzzString(&tmp); | 532 fuzzer->FuzzString(&tmp); |
| 533 p->Set(index, new base::StringValue(tmp)); | 533 p->Set(index, new base::StringValue(tmp)); |
| 534 break; | 534 break; |
| 535 } | 535 } |
| 536 case base::Value::TYPE_BINARY: { | 536 case base::Value::Type::BINARY: { |
| 537 char tmp[200]; | 537 char tmp[200]; |
| 538 size_t bin_length = RandInRange(sizeof(tmp)); | 538 size_t bin_length = RandInRange(sizeof(tmp)); |
| 539 fuzzer->FuzzData(tmp, bin_length); | 539 fuzzer->FuzzData(tmp, bin_length); |
| 540 p->Set(index, | 540 p->Set(index, |
| 541 base::BinaryValue::CreateWithCopiedBuffer(tmp, bin_length)); | 541 base::BinaryValue::CreateWithCopiedBuffer(tmp, bin_length)); |
| 542 break; | 542 break; |
| 543 } | 543 } |
| 544 case base::Value::TYPE_DICTIONARY: { | 544 case base::Value::Type::DICTIONARY: { |
| 545 base::DictionaryValue* tmp = new base::DictionaryValue(); | 545 base::DictionaryValue* tmp = new base::DictionaryValue(); |
| 546 p->GetDictionary(index, &tmp); | 546 p->GetDictionary(index, &tmp); |
| 547 FuzzParam(tmp, fuzzer); | 547 FuzzParam(tmp, fuzzer); |
| 548 p->Set(index, tmp); | 548 p->Set(index, tmp); |
| 549 break; | 549 break; |
| 550 } | 550 } |
| 551 case base::Value::TYPE_LIST: { | 551 case base::Value::Type::LIST: { |
| 552 base::ListValue* tmp = new base::ListValue(); | 552 base::ListValue* tmp = new base::ListValue(); |
| 553 p->GetList(index, &tmp); | 553 p->GetList(index, &tmp); |
| 554 FuzzParam(tmp, fuzzer); | 554 FuzzParam(tmp, fuzzer); |
| 555 p->Set(index, tmp); | 555 p->Set(index, tmp); |
| 556 break; | 556 break; |
| 557 } | 557 } |
| 558 case base::Value::TYPE_NULL: | 558 case base::Value::Type::NONE: |
| 559 default: | 559 default: |
| 560 break; | 560 break; |
| 561 } | 561 } |
| 562 } | 562 } |
| 563 --g_depth; | 563 --g_depth; |
| 564 return true; | 564 return true; |
| 565 } | 565 } |
| 566 }; | 566 }; |
| 567 | 567 |
| 568 template <> | 568 template <> |
| 569 struct FuzzTraits<base::DictionaryValue> { | 569 struct FuzzTraits<base::DictionaryValue> { |
| 570 static bool Fuzz(base::DictionaryValue* p, Fuzzer* fuzzer) { | 570 static bool Fuzz(base::DictionaryValue* p, Fuzzer* fuzzer) { |
| 571 // TODO(mbarbella): Support mutation. | 571 // TODO(mbarbella): Support mutation. |
| 572 if (!fuzzer->ShouldGenerate()) | 572 if (!fuzzer->ShouldGenerate()) |
| 573 return true; | 573 return true; |
| 574 | 574 |
| 575 ++g_depth; | 575 ++g_depth; |
| 576 size_t dict_length = g_depth > 3 ? 0 : RandInRange(8); | 576 size_t dict_length = g_depth > 3 ? 0 : RandInRange(8); |
| 577 for (size_t index = 0; index < dict_length; ++index) { | 577 for (size_t index = 0; index < dict_length; ++index) { |
| 578 std::string property; | 578 std::string property; |
| 579 fuzzer->FuzzString(&property); | 579 fuzzer->FuzzString(&property); |
| 580 switch (RandInRange(8)) { | 580 switch (static_cast<base::Value::Type>(RandInRange(8))) { |
| 581 case base::Value::TYPE_BOOLEAN: { | 581 case base::Value::Type::BOOLEAN: { |
| 582 bool tmp; | 582 bool tmp; |
| 583 fuzzer->FuzzBool(&tmp); | 583 fuzzer->FuzzBool(&tmp); |
| 584 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); | 584 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); |
| 585 break; | 585 break; |
| 586 } | 586 } |
| 587 case base::Value::TYPE_INTEGER: { | 587 case base::Value::Type::INTEGER: { |
| 588 int tmp; | 588 int tmp; |
| 589 fuzzer->FuzzInt(&tmp); | 589 fuzzer->FuzzInt(&tmp); |
| 590 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); | 590 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); |
| 591 break; | 591 break; |
| 592 } | 592 } |
| 593 case base::Value::TYPE_DOUBLE: { | 593 case base::Value::Type::DOUBLE: { |
| 594 double tmp; | 594 double tmp; |
| 595 fuzzer->FuzzDouble(&tmp); | 595 fuzzer->FuzzDouble(&tmp); |
| 596 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); | 596 p->SetWithoutPathExpansion(property, new base::FundamentalValue(tmp)); |
| 597 break; | 597 break; |
| 598 } | 598 } |
| 599 case base::Value::TYPE_STRING: { | 599 case base::Value::Type::STRING: { |
| 600 std::string tmp; | 600 std::string tmp; |
| 601 fuzzer->FuzzString(&tmp); | 601 fuzzer->FuzzString(&tmp); |
| 602 p->SetWithoutPathExpansion(property, new base::StringValue(tmp)); | 602 p->SetWithoutPathExpansion(property, new base::StringValue(tmp)); |
| 603 break; | 603 break; |
| 604 } | 604 } |
| 605 case base::Value::TYPE_BINARY: { | 605 case base::Value::Type::BINARY: { |
| 606 char tmp[200]; | 606 char tmp[200]; |
| 607 size_t bin_length = RandInRange(sizeof(tmp)); | 607 size_t bin_length = RandInRange(sizeof(tmp)); |
| 608 fuzzer->FuzzData(tmp, bin_length); | 608 fuzzer->FuzzData(tmp, bin_length); |
| 609 p->SetWithoutPathExpansion( | 609 p->SetWithoutPathExpansion( |
| 610 property, | 610 property, |
| 611 base::BinaryValue::CreateWithCopiedBuffer(tmp, bin_length)); | 611 base::BinaryValue::CreateWithCopiedBuffer(tmp, bin_length)); |
| 612 break; | 612 break; |
| 613 } | 613 } |
| 614 case base::Value::TYPE_DICTIONARY: { | 614 case base::Value::Type::DICTIONARY: { |
| 615 base::DictionaryValue* tmp = new base::DictionaryValue(); | 615 base::DictionaryValue* tmp = new base::DictionaryValue(); |
| 616 FuzzParam(tmp, fuzzer); | 616 FuzzParam(tmp, fuzzer); |
| 617 p->SetWithoutPathExpansion(property, tmp); | 617 p->SetWithoutPathExpansion(property, tmp); |
| 618 break; | 618 break; |
| 619 } | 619 } |
| 620 case base::Value::TYPE_LIST: { | 620 case base::Value::Type::LIST: { |
| 621 base::ListValue* tmp = new base::ListValue(); | 621 base::ListValue* tmp = new base::ListValue(); |
| 622 FuzzParam(tmp, fuzzer); | 622 FuzzParam(tmp, fuzzer); |
| 623 p->SetWithoutPathExpansion(property, tmp); | 623 p->SetWithoutPathExpansion(property, tmp); |
| 624 break; | 624 break; |
| 625 } | 625 } |
| 626 case base::Value::TYPE_NULL: | 626 case base::Value::Type::NONE: |
| 627 default: | 627 default: |
| 628 break; | 628 break; |
| 629 } | 629 } |
| 630 } | 630 } |
| 631 --g_depth; | 631 --g_depth; |
| 632 return true; | 632 return true; |
| 633 } | 633 } |
| 634 }; | 634 }; |
| 635 | 635 |
| 636 template <> | 636 template <> |
| (...skipping 1248 matching lines...) |
| 1885 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" | 1885 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" |
| 1886 #undef IPC_MESSAGE_DECL | 1886 #undef IPC_MESSAGE_DECL |
| 1887 #define IPC_MESSAGE_DECL(name, ...) \ | 1887 #define IPC_MESSAGE_DECL(name, ...) \ |
| 1888 (*map)[static_cast<uint32_t>(name::ID)] = FuzzerHelper<name>::Fuzz; | 1888 (*map)[static_cast<uint32_t>(name::ID)] = FuzzerHelper<name>::Fuzz; |
| 1889 | 1889 |
| 1890 void PopulateFuzzerFunctionMap(FuzzerFunctionMap* map) { | 1890 void PopulateFuzzerFunctionMap(FuzzerFunctionMap* map) { |
| 1891 #include "tools/ipc_fuzzer/message_lib/all_messages.h" | 1891 #include "tools/ipc_fuzzer/message_lib/all_messages.h" |
| 1892 } | 1892 } |
| 1893 | 1893 |
| 1894 } // namespace ipc_fuzzer | 1894 } // namespace ipc_fuzzer |
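Review bot: The type selector in both switches, `static_cast<base::Value::Type>(RandInRange(8))` at new lines 507 and 580, ties the literal 8 to the number of enumerators in base::Value::Type with nothing checking it, and the same literal doubles as the list and dictionary length bound on lines 505 and 576. Because each switch carries a `default:` label, an enumerator added later would be skipped silently instead of being flagged by the compiler, so the fuzzer would stop covering that value type with no signal. Assuming LIST is the highest enumerator and RandInRange(8) yields 0 to 7 (neither definition is shown on this page), a guard such as `static_assert(static_cast<int>(base::Value::Type::LIST) == 7, "update the RandInRange(8) type selectors");` next to the switches would pin the coupling. The header of the struct enclosing the first Fuzz lies in the skipped region above line 497.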
| OLD | NEW |