Add hb-set-fuzzer.
It fuzzes all of the hb_set process methods (intersection, subtraction, union, and symmetric difference).
This commit is contained in:
Garret Rieger
Ebrahim Byagowi
parent
352ac63ef9
commit
bca9bc6b92
|
|
@ -26,6 +26,7 @@ EXTRA_DIST += \
|
|||
check_PROGRAMS = \
|
||||
hb-shape-fuzzer \
|
||||
hb-subset-fuzzer \
|
||||
hb-set-fuzzer \
|
||||
$(NULL)
|
||||
|
||||
AM_CPPFLAGS = \
|
||||
|
|
@ -54,6 +55,16 @@ hb_subset_fuzzer_LDADD = \
|
|||
hb_subset_fuzzer_CPPFLAGS = $(AM_CPPFLAGS)
|
||||
hb_subset_fuzzer_DEPENDENCIES = $(top_builddir)/src/libharfbuzz-subset.la
|
||||
|
||||
hb_set_fuzzer_SOURCES = \
|
||||
hb-fuzzer.hh \
|
||||
hb-set-fuzzer.cc \
|
||||
main.cc \
|
||||
$(NULL)
|
||||
hb_set_fuzzer_LDADD = $(top_builddir)/src/libharfbuzz.la
|
||||
hb_set_fuzzer_CPPFLAGS = $(AM_CPPFLAGS)
|
||||
hb_set_fuzzer_DEPENDENCIES = $(top_builddir)/src/libharfbuzz.la
|
||||
|
||||
|
||||
check:
|
||||
EXEEXT="$(EXEEXT)" srcdir="$(srcdir)" builddir="$(builddir)" LIBTOOL="$(LIBTOOL)" $(srcdir)/run-shape-fuzzer-tests.py
|
||||
EXEEXT="$(EXEEXT)" srcdir="$(srcdir)" builddir="$(builddir)" LIBTOOL="$(LIBTOOL)" $(srcdir)/run-subset-fuzzer-tests.py
|
||||
|
|
|
|||
|
|
@ -0,0 +1,77 @@
|
|||
#include "hb-fuzzer.hh"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include "hb.h"
|
||||
|
||||
enum set_operation_t : uint8_t
|
||||
{
|
||||
INTERSECT,
|
||||
UNION,
|
||||
SUBTRACT,
|
||||
SYMMETRIC_DIFFERENCE
|
||||
};
|
||||
|
||||
struct instructions_t
|
||||
{
|
||||
set_operation_t operation;
|
||||
uint32_t first_set_size;
|
||||
};
|
||||
|
||||
static hb_set_t* create_set (const uint32_t* value_array, int count)
|
||||
{
|
||||
hb_set_t* set = hb_set_create ();
|
||||
for (int i = 0; i < count; i++) {
|
||||
hb_set_add (set, value_array[i]);
|
||||
}
|
||||
return set;
|
||||
}
|
||||
|
||||
|
||||
extern "C" int LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
|
||||
{
|
||||
if (size < sizeof(instructions_t*))
|
||||
return 0;
|
||||
|
||||
const instructions_t* instructions = reinterpret_cast<const instructions_t*> (data);
|
||||
data += sizeof(instructions_t);
|
||||
size -= sizeof(instructions_t);
|
||||
|
||||
const uint32_t* values = reinterpret_cast<const uint32_t*> (data);
|
||||
size = size / sizeof(uint32_t);
|
||||
|
||||
if (size < instructions->first_set_size)
|
||||
return 0;
|
||||
|
||||
hb_set_t* set_a = create_set (values, instructions->first_set_size);
|
||||
|
||||
values += instructions->first_set_size;
|
||||
size -= instructions->first_set_size;
|
||||
hb_set_t* set_b = create_set (values, size);
|
||||
|
||||
switch (instructions->operation)
|
||||
{
|
||||
case INTERSECT:
|
||||
hb_set_intersect (set_a, set_b);
|
||||
break;
|
||||
case UNION:
|
||||
hb_set_union (set_a, set_b);
|
||||
break;
|
||||
case SUBTRACT:
|
||||
hb_set_subtract (set_a, set_b);
|
||||
break;
|
||||
case SYMMETRIC_DIFFERENCE:
|
||||
hb_set_symmetric_difference (set_a, set_b);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
hb_set_destroy (set_a);
|
||||
hb_set_destroy (set_b);
|
||||
|
||||
return 0;
|
||||
}
|
||||
Loading…
Reference in New Issue