[subset] Have the subset fuzzer pull the text string to subset to from the end of the fuzzer provided data.

This commit is contained in:
Garret Rieger 2018-05-31 16:47:39 -07:00
parent bb6f4adac7
commit a070dfd333
1 changed files with 36 additions and 22 deletions

View File

@ -6,41 +6,55 @@
#include "hb-subset.h" #include "hb-subset.h"
void trySubset (hb_face_t *face,
const hb_codepoint_t text[],
int text_length,
bool drop_hints)
{
hb_subset_profile_t *profile = hb_subset_profile_create ();
hb_subset_input_t *input = hb_subset_input_create_or_fail ();
*hb_subset_input_drop_hints(input) = drop_hints;
hb_set_t *codepoints = hb_subset_input_unicode_set (input);
for (int i = 0; i < text_length; i++)
{
hb_set_add (codepoints, text[i]);
}
hb_face_t *result = hb_subset (face, profile, input);
hb_face_destroy (result);
hb_subset_input_destroy (input);
hb_subset_profile_destroy (profile);
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
hb_blob_t *blob = hb_blob_create ((const char *)data, size, hb_blob_t *blob = hb_blob_create ((const char *)data, size,
HB_MEMORY_MODE_READONLY, NULL, NULL); HB_MEMORY_MODE_READONLY, NULL, NULL);
hb_face_t *face = hb_face_create (blob, 0); hb_face_t *face = hb_face_create (blob, 0);
hb_subset_profile_t *profile = hb_subset_profile_create ();
hb_subset_input_t *input = hb_subset_input_create_or_fail ();
*hb_subset_input_drop_hints(input) = false;
hb_set_t *codepoints = hb_subset_input_unicode_set (input);
hb_subset_input_t *input_drop_hints = hb_subset_input_create_or_fail ();
*hb_subset_input_drop_hints(input_drop_hints) = true;
hb_set_t *codepoints_drop_hints = hb_subset_input_unicode_set (input);
const hb_codepoint_t text[] = const hb_codepoint_t text[] =
{ {
'A', 'B', 'C', 'D', 'E', 'X', 'Y', 'Z', '1', '2', 'A', 'B', 'C', 'D', 'E', 'X', 'Y', 'Z', '1', '2',
'3', '@', '_', '%', '&', ')', '*', '$', '!' '3', '@', '_', '%', '&', ')', '*', '$', '!'
}; };
for (int i = 0; i < sizeof (text) / sizeof (hb_codepoint_t); i++)
{ trySubset (face, text, sizeof (text) / sizeof (hb_codepoint_t), true);
hb_set_add (codepoints, text[i]); trySubset (face, text, sizeof (text) / sizeof (hb_codepoint_t), false);
hb_set_add (codepoints_drop_hints, text[i]);
hb_codepoint_t text_from_data[16];
if (size > sizeof(text_from_data)) {
memcpy(text_from_data,
data + size - sizeof(text_from_data),
sizeof(text_from_data));
unsigned int text_size = sizeof (text_from_data) / sizeof (hb_codepoint_t);
trySubset (face, text_from_data, text_size, true);
trySubset (face, text_from_data, text_size, false);
} }
hb_face_t *result = hb_subset (face, profile, input);
hb_face_destroy (result);
result = hb_subset (face, profile, input_drop_hints);
hb_face_destroy (result);
hb_subset_input_destroy (input);
hb_subset_input_destroy (input_drop_hints);
hb_subset_profile_destroy (profile);
hb_face_destroy (face); hb_face_destroy (face);
hb_blob_destroy (blob); hb_blob_destroy (blob);