authordsinclair <dsinclair@chromium.org>2016-06-14 07:34:20 -0700
committerCommit bot <commit-bot@chromium.org>2016-06-14 07:34:20 -0700
commit756d37943415ca15d491b79ba78012225a06db76 (patch)
tree817ecb7fc2a84e7562006931ff97ad46858fe4d3 /testing/libfuzzer/pdf_css_fuzzer.cc
parentfc6326d6cd51878c8ec3b8b51767dce368d07f67 (diff)
Add fuzzer for FDE CSS syntax parser.
This CL adds a fuzzer for the CSS Syntax parser in XFA. BUG=chromium:587126 Review-Url: https://codereview.chromium.org/2068513002
Diffstat (limited to 'testing/libfuzzer/pdf_css_fuzzer.cc')
-rw-r--r--testing/libfuzzer/pdf_css_fuzzer.cc31
1 files changed, 31 insertions, 0 deletions
diff --git a/testing/libfuzzer/pdf_css_fuzzer.cc b/testing/libfuzzer/pdf_css_fuzzer.cc
new file mode 100644
index 0000000000..da8b1f53f6
--- /dev/null
+++ b/testing/libfuzzer/pdf_css_fuzzer.cc
@@ -0,0 +1,31 @@
+// Copyright 2016 The PDFium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <memory>
+
+#include "core/fxcrt/include/fx_string.h"
+#include "xfa/fde/css/fde_css.h"
+#include "xfa/fde/css/fde_csssyntax.h"
+#include "xfa/fgas/crt/fgas_stream.h"
+#include "xfa/fxfa/parser/xfa_utils.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ CFDE_CSSSyntaxParser parser;
+
+ CFX_WideString input = CFX_WideString::FromUTF8(
+ CFX_ByteStringC(data, static_cast<FX_STRSIZE>(size)));
+ std::unique_ptr<IFX_Stream, ReleaseDeleter<IFX_Stream>> stream(
+ XFA_CreateWideTextRead(input));
+ if (!stream)
+ return 0;
+
+ parser.Init(stream.get(), 1024);
+
+ FDE_CSSSYNTAXSTATUS status = parser.DoSyntaxParse();
+ while (status != FDE_CSSSYNTAXSTATUS_Error &&
+ status != FDE_CSSSYNTAXSTATUS_EOS)
+ status = parser.DoSyntaxParse();
+
+ return 0;
+}
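Review bot: The result of `parser.Init(stream.get(), 1024);` is discarded, so if Init can report failure (its declaration is not visible in this hunk), the loop would call DoSyntaxParse() on a parser that was never set up. Any crash found that way would be a harness artifact rather than a parser bug. If Init returns a status, bail out early with `if (!parser.Init(stream.get(), 1024)) return 0;`. Separately, `static_cast<FX_STRSIZE>(size)` narrows a size_t; if FX_STRSIZE is a signed 32-bit type, a guard such as `if (size > static_cast<size_t>(std::numeric_limits<FX_STRSIZE>::max())) return 0;` (with `<limits>` included) keeps an oversized input from becoming a negative length. A one-line comment on the fixed 1024 buffer size would also help, since only that one buffer configuration is exercised.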