Mercurial > hg
comparison contrib/fuzz/jsonescapeu8fast.cc @ 43153:741fb1a95da2
fuzz: new target to fuzz jsonescapeu8fast
This code just feels complicated enough we should go ahead and give it
a dedicated fuzzer: we've found bugs in similar things before.
Differential Revision: https://phab.mercurial-scm.org/D7034
author | Augie Fackler <augie@google.com> |
---|---|
date | Wed, 09 Oct 2019 20:49:58 -0700 |
parents | |
children | 5a9e2ae9899b |
comparison
equal
deleted
inserted
replaced
43152:b37dd26935ee | 43153:741fb1a95da2 |
---|---|
1 #include <Python.h> | |
2 #include <assert.h> | |
3 #include <stdlib.h> | |
4 #include <unistd.h> | |
5 | |
6 #include "pyutil.h" | |
7 | |
8 #include <fuzzer/FuzzedDataProvider.h> | |
9 #include <iostream> | |
10 #include <string> | |
11 | |
12 extern "C" { | |
13 | |
14 static PyCodeObject *code; | |
15 | |
16 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) | |
17 { | |
18 contrib::initpy(*argv[0]); | |
19 code = (PyCodeObject *)Py_CompileString(R"py( | |
20 from parsers import jsonescapeu8fast | |
21 | |
22 try: | |
23 jsonescapeu8fast(data, paranoid) | |
24 except Exception as e: | |
25 pass | |
26 # uncomment this print if you're editing this Python code | |
27 # to debug failures. | |
28 # print(e) | |
29 )py", | |
30 "fuzzer", Py_file_input); | |
31 if (!code) { | |
32 std::cerr << "failed to compile Python code!" << std::endl; | |
33 } | |
34 return 0; | |
35 } | |
36 | |
37 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) | |
38 { | |
39 FuzzedDataProvider provider(Data, Size); | |
40 bool paranoid = provider.ConsumeBool(); | |
41 std::string remainder = provider.ConsumeRemainingBytesAsString(); | |
42 | |
43 PyObject *mtext = PyBytes_FromStringAndSize( | |
44 (const char *)remainder.c_str(), remainder.size()); | |
45 PyObject *locals = PyDict_New(); | |
46 PyDict_SetItemString(locals, "data", mtext); | |
47 PyDict_SetItemString(locals, "paranoid", paranoid ? Py_True : Py_False); | |
48 PyObject *res = PyEval_EvalCode(code, contrib::pyglobals(), locals); | |
49 if (!res) { | |
50 PyErr_Print(); | |
51 } | |
52 Py_XDECREF(res); | |
53 Py_DECREF(locals); | |
54 Py_DECREF(mtext); | |
55 return 0; // Non-zero return values are reserved for future use. | |
56 } | |
57 } |