author | Jay Berkenbilt <ejb@ql.org> | 2024-02-04 22:00:36 +0100 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2024-02-04 23:27:49 +0100 |
commit | f0fb19df9d31a550960fac12a6cc96432b885bba (patch) | |
tree | cb1276db708d22a1f569a695529504fb6a397512 /fuzz/json_fuzzer.cc | |
parent | cb0f390cc1f98a8e82b27259f8f3cd5f162992eb (diff) | |
Add json fuzzer with seed files from #1123 and test suite
...as well as some cases generated in CI from earlier attempts at
fixing this.
Diffstat (limited to 'fuzz/json_fuzzer.cc')
-rw-r--r-- | fuzz/json_fuzzer.cc | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/fuzz/json_fuzzer.cc b/fuzz/json_fuzzer.cc
new file mode 100644
index 00000000..3ac644a7
--- /dev/null
+++ b/fuzz/json_fuzzer.cc
@@ -0,0 +1,57 @@
+#include "qpdf/JSON.hh"
+#include "qpdf/QPDF.hh"
+#include <qpdf/BufferInputSource.hh>
+#include <qpdf/Pl_Discard.hh>
+#include <iostream>
+#include <stdexcept>
+
+class FuzzHelper
+{
+ public:
+ FuzzHelper(unsigned char const* data, size_t size);
+ void run();
+
+ private:
+ void doChecks();
+
+ unsigned char const* data;
+ size_t size;
+};
+
+FuzzHelper::FuzzHelper(unsigned char const* data, size_t size) :
+ data(data),
+ size(size)
+{
+}
+
+void
+FuzzHelper::doChecks()
+{
+ try {
+ JSON::parse(std::string(reinterpret_cast<char const*>(data), size));
+ } catch (std::runtime_error& e) {
+ std::cerr << "runtime_error parsing json: " << e.what() << std::endl;
+ }
+ QPDF q;
+ Buffer buf(const_cast<unsigned char*>(data), size);
+ auto is = std::make_shared<BufferInputSource>("json", &buf);
+ q.createFromJSON(is);
+}
+
+void
+FuzzHelper::run()
+{
+ try {
+ doChecks();
+ } catch (std::runtime_error const& e) {
+ std::cerr << "runtime_error: " << e.what() << std::endl;
+ }
+}
+
+extern "C" int
+LLVMFuzzerTestOneInput(unsigned char const* data, size_t size)
+{
+ FuzzHelper f(data, size);
+ f.run();
+ return 0;
+}
|
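Review bot: In `FuzzHelper::doChecks`, `QPDF q;` is declared before `Buffer buf` and the `BufferInputSource` built on `&buf`, so `q` is destroyed after the buffer it was fed from. If `createFromJSON` retains the `shared_ptr` it receives (not visible in this hunk), `q` would briefly hold an input source pointing at a dead `Buffer`, and any sanitizer report from that would be harness noise rather than a parser finding. Declaring `buf` and `is` first and moving `QPDF q;` to just before `q.createFromJSON(is);` settles the lifetime without changing what is fuzzed. The `const_cast` on the libFuzzer input would also benefit from a one-line comment such as `// input is only read; Buffer is assumed not to copy or take ownership (confirm against Buffer's constructor)`. Separately, the file uses `std::make_shared` and `std::string` without including `<memory>` and `<string>`, `qpdf/Pl_Discard.hh` appears unused, and the first handler catches `std::runtime_error&` where `run()` uses `std::runtime_error const&`.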