diff options
| author | Tatsuya Kinoshita <tats@debian.org> | 2021-02-24 10:56:25 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-24 10:56:25 +0000 |
| commit | 5a17c8775668eb176ef00de014781987a770acd7 (patch) | |
| tree | 9448b10d9d42cafcb1f2d7feb14e6fa3e01b6918 | |
| parent | Update ChangeLog (diff) | |
| parent | Added initial fuzzer for integration with OSS-Fuzz. (diff) | |
| download | w3m-5a17c8775668eb176ef00de014781987a770acd7.tar.gz w3m-5a17c8775668eb176ef00de014781987a770acd7.zip | |
Merge pull request #169 from DavidKorczynski/master
Added initial fuzzer for integration with OSS-Fuzz.
| -rw-r--r-- | fuzz/fuzz-conv.c | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/fuzz/fuzz-conv.c b/fuzz/fuzz-conv.c new file mode 100644 index 0000000..5817e5d --- /dev/null +++ b/fuzz/fuzz-conv.c @@ -0,0 +1,51 @@ +#include <stdint.h> +#include <string.h> +#include <stdlib.h> +#include "wc.h" + +char *get_null_terminated(const uint8_t *data, size_t size) { + char *new_str = (char *)malloc(size+1); + if (new_str == NULL){ + return NULL; + } + memcpy(new_str, data, size); + new_str[size] = '\0'; + return new_str; +} + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size){ + if (size < 30) { + return 0; + } + + char *new_str1 = get_null_terminated(data, 20); + data += 20; size -= 20; + char *new_str2 = get_null_terminated(data, size); + + wc_ces old, from, to; + from = wc_guess_charset_short(new_str1,0); + to = wc_guess_charset_short(new_str2, 0); + + char filename[256]; + sprintf(filename, "/tmp/libfuzzer.%d", getpid()); + + FILE *fp = fopen(filename, "wb"); + if (!fp) { + return 0; + } + fwrite(data, size, 1, fp); + fclose(fp); + + FILE *f = fopen(filename, "r"); + Str s = Strfgetall(f); + wc_Str_conv_with_detect(s, &from, from, to); + if (s != NULL) { + Strfree(s); + } + + unlink(filename); + + free(new_str1); + free(new_str2); + return 0; +} |