1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "wtf/text/TextCodec.h" | |
6 | |
7 #include "platform/testing/BlinkFuzzerTestSupport.h" | |
8 #include "platform/testing/FuzzedDataProvider.h" | |
9 #include "wtf/text/CString.h" | |
10 #include "wtf/text/TextEncoding.h" | |
11 #include "wtf/text/TextEncodingRegistry.h" | |
12 | |
13 using namespace blink; | |
14 | |
15 // TODO(jsbell): This fuzzes code in wtf/ but has dependencies on platform/, | |
16 // so it must live in the latter directory. Once wtf/ moves into platform/wtf | |
17 // this should move there as well. | |
18 | |
19 WTF::FlushBehavior kFlushBehavior[] = {WTF::DoNotFlush, WTF::FetchEOF, | |
20 WTF::DataEOF}; | |
21 | |
22 WTF::UnencodableHandling kUnencodableHandlingOptions[] = { | |
23 WTF::QuestionMarksForUnencodables, WTF::EntitiesForUnencodables, | |
24 WTF::URLEncodedEntitiesForUnencodables, | |
25 WTF::CSSEncodedEntitiesForUnencodables}; | |
26 | |
27 class TextCodecFuzzHarness {}; | |
28 extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) { | |
29 InitializeBlinkFuzzTest(argc, argv); | |
30 return 0; | |
31 } | |
32 | |
33 // Fuzzer for WTF::TextCodec. | |
34 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { | |
35 // The fuzzer picks 3 bytes off the end of the data to initialize metadata, so | |
36 // abort if the input is smaller than that. | |
37 if (size < 3) | |
38 return 0; | |
39 | |
40 // Initializes the codec map. | |
41 static WTF::TextEncoding encoding = | |
mmoroz
2017/03/05 19:09:46
nit: can be const?
Charlie Harrison
2017/03/06 01:51:11
Done.
42 WTF::TextEncoding(atomicCanonicalTextEncodingName( | |
43 #if defined(BIG5) | |
44 "Big5" | |
45 #elif defined(EUC_JP) | |
46 "EUC-JP" | |
47 #elif defined(EUC_KR) | |
48 "EUC-KR" | |
49 #elif defined(GBK) | |
50 "GBK" | |
51 #elif defined(IBM866) | |
52 "IBM866" | |
53 #elif defined(ISO_2022_JP) | |
54 "ISO-2022-JP" | |
55 #elif defined(ISO_8859_10) | |
56 "ISO-8859-10" | |
57 #elif defined(ISO_8859_13) | |
58 "ISO-8859-13" | |
59 #elif defined(ISO_8859_14) | |
60 "ISO-8859-14" | |
61 #elif defined(ISO_8859_15) | |
62 "ISO-8859-15" | |
63 #elif defined(ISO_8859_16) | |
64 "ISO-8859-16" | |
65 #elif defined(ISO_8859_2) | |
66 "ISO-8859-2" | |
67 #elif defined(ISO_8859_3) | |
68 "ISO-8859-3" | |
69 #elif defined(ISO_8859_4) | |
70 "ISO-8859-4" | |
71 #elif defined(ISO_8859_5) | |
72 "ISO-8859-5" | |
73 #elif defined(ISO_8859_6) | |
74 "ISO-8859-6" | |
75 #elif defined(ISO_8859_7) | |
76 "ISO-8859-7" | |
77 #elif defined(ISO_8859_8) | |
78 "ISO-8859-8" | |
79 #elif defined(ISO_8859_8_I) | |
80 "ISO-8859-8-I" | |
81 #elif defined(KOI8_R) | |
82 "KOI8-R" | |
83 #elif defined(KOI8_U) | |
84 "KOI8-U" | |
85 #elif defined(SHIFT_JIS) | |
86 "Shift_JIS" | |
87 #elif defined(UTF_16BE) | |
88 "UTF-16BE" | |
89 #elif defined(UTF_16LE) | |
90 "UTF-16LE" | |
91 #elif defined(UTF_32) | |
92 "UTF-32" | |
93 #elif defined(UTF_32BE) | |
94 "UTF-32BE" | |
95 #elif defined(UTF_32LE) | |
96 "UTF-32LE" | |
97 #elif defined(UTF_8) | |
98 "UTF-8" | |
99 #elif defined(GB18030) | |
100 "gb18030" | |
101 #elif defined(MACINTOSH) | |
102 "macintosh" | |
103 #elif defined(WINDOWS_1250) | |
104 "windows-1250" | |
105 #elif defined(WINDOWS_1251) | |
106 "windows-1251" | |
107 #elif defined(WINDOWS_1252) | |
108 "windows-1252" | |
109 #elif defined(WINDOWS_1253) | |
110 "windows-1253" | |
111 #elif defined(WINDOWS_1254) | |
112 "windows-1254" | |
113 #elif defined(WINDOWS_1255) | |
114 "windows-1255" | |
115 #elif defined(WINDOWS_1256) | |
116 "windows-1256" | |
117 #elif defined(WINDOWS_1257) | |
118 "windows-1257" | |
119 #elif defined(WINDOWS_1258) | |
120 "windows-1258" | |
121 #elif defined(WINDOWS_874) | |
122 "windows-874" | |
123 #elif defined(X_MAC_CYRILLIC) | |
124 "x-mac-cyrillic" | |
125 #elif defined(X_USER_DEFINED) | |
126 "x-user-defined" | |
127 #endif | |
128 "")); | |
129 | |
130 FuzzedDataProvider fuzzedData(data, size); | |
131 | |
132 // Initialize metadata using the fuzzed data. | |
133 bool stopOnError = fuzzedData.ConsumeBool(); | |
134 WTF::UnencodableHandling unencodableHandling = | |
135 fuzzedData.PickValueInArray(kUnencodableHandlingOptions); | |
136 WTF::FlushBehavior flushBehavior = | |
137 fuzzedData.PickValueInArray(kFlushBehavior); | |
138 | |
139 // Now, use the rest of the fuzzy data to stress test decoding and encoding. | |
140 CString byteString = fuzzedData.ConsumeRemainingBytes(); | |
mmoroz
2017/03/05 19:09:45
nit: can it be const?
Charlie Harrison
2017/03/06 01:51:11
Done.
141 std::unique_ptr<TextCodec> codec = newTextCodec(encoding); | |
142 | |
143 // Treat as bytes-off-the-wire. | |
144 bool sawError; | |
145 codec->decode(byteString.data(), byteString.length(), flushBehavior, | |
146 stopOnError, sawError); | |
147 | |
148 // Treat as blink 8-bit string (latin1). | |
149 if (size % sizeof(LChar) == 0) { | |
150 std::unique_ptr<TextCodec> codec = newTextCodec(encoding); | |
mmoroz
2017/03/05 19:09:45
Do we really need to create a new codec object her
Charlie Harrison
2017/03/06 01:51:11
I think it does need to be different. It looks lik
151 codec->encode(reinterpret_cast<const LChar*>(byteString.data()), | |
152 byteString.length() / sizeof(LChar), unencodableHandling); | |
153 } | |
154 | |
155 // Treat as blink 16-bit string (utf-16) if there are an even number of bytes. | |
156 if (size % sizeof(UChar) == 0) { | |
157 std::unique_ptr<TextCodec> codec = newTextCodec(encoding); | |
158 codec->encode(reinterpret_cast<const UChar*>(byteString.data()), | |
159 byteString.length() / sizeof(UChar), unencodableHandling); | |
160 } | |
161 | |
162 return 0; | |
163 } | |
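Review bot: The 16-bit branch at gutter line 158 reinterpret_casts the CString's byte buffer to `const UChar*`, which is undefined behaviour if `byteString.data()` is not 2-byte aligned and will trip UBSan's alignment check on such a build; nothing visible here shows that CString guarantees that alignment, so the cast should not depend on it. Copying into an aligned buffer sidesteps the question: `std::vector<UChar> utf16(byteString.length() / sizeof(UChar));`, `memcpy(utf16.data(), byteString.data(), utf16.size() * sizeof(UChar));`, `codec->encode(utf16.data(), utf16.size(), unencodableHandling);` (adding `<cstring>` and `<vector>` to the includes). The 8-bit branch at line 151 is not affected, since the comment above it treats LChar as a single byte. Separately, `bool sawError;` at line 144 is passed to decode() uninitialized; `bool sawError = false;` keeps the harness deterministic if any codec path returns without writing it, and an `if (!codec) return 0;` after each newTextCodec would cover the empty-name fallback at line 128, assuming newTextCodec can return null for an unknown encoding.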