From 236e47afa53d3f065024cc6490a49b431c108078 Mon Sep 17 00:00:00 2001
From: tsepez <tsepez@chromium.org>
Date: Mon, 22 Aug 2016 13:11:21 -0700
Subject: Add fuzzer for CPDF_StreamParser

Review-Url: https://codereview.chromium.org/2262703003
---
 testing/libfuzzer/BUILD.gn                   | 15 +++++++++++++++
 testing/libfuzzer/pdf_streamparser_fuzzer.cc | 17 +++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 testing/libfuzzer/pdf_streamparser_fuzzer.cc

diff --git a/testing/libfuzzer/BUILD.gn b/testing/libfuzzer/BUILD.gn
index 811618d089..698953c7b4 100644
--- a/testing/libfuzzer/BUILD.gn
+++ b/testing/libfuzzer/BUILD.gn
@@ -198,3 +198,18 @@ source_set("pdf_hint_table_fuzzer") {
     ":libfuzzer_config",
   ]
 }
+
+source_set("pdf_streamparser_fuzzer") {
+  testonly = true
+  sources = [
+    "pdf_streamparser_fuzzer.cc",
+  ]
+  deps = [
+    "//third_party/pdfium:pdfium",
+  ]
+  configs -= [ "//build/config/compiler:chromium_code" ]
+  configs += [
+    "//build/config/compiler:no_chromium_code",
+    ":libfuzzer_config",
+  ]
+}
diff --git a/testing/libfuzzer/pdf_streamparser_fuzzer.cc b/testing/libfuzzer/pdf_streamparser_fuzzer.cc
new file mode 100644
index 0000000000..607c44b044
--- /dev/null
+++ b/testing/libfuzzer/pdf_streamparser_fuzzer.cc
@@ -0,0 +1,17 @@
+// Copyright 2016 The PDFium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "core/fpdfapi/fpdf_page/pageint.h"
+
+#include <cstdint>
+
+#include "core/fpdfapi/fpdf_parser/include/cpdf_object.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  CPDF_StreamParser parser(data, size);
+  while (CPDF_Object* pObj = parser.ReadNextObject(true, 0))
+    pObj->Release();
+
+  return 0;
+}
-- 
cgit v1.2.3