fuzzing: Add a fuzz test for g_utf8_validate()

Since it’s used extensively and has to handle untrusted arbitrary binary
input.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

fuzzing/fuzz_utf8_validate.c

@@ -0,0 +1,32 @@
+/*
+ * Copyright 2022 Endless OS Foundation, LLC
+ *
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "fuzz.h"
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+  fuzz_set_logging_func ();
+
+  /* We don’t care whether the fuzzer provides valid or invalid UTF-8 data, just
+   * that the validation function doesn’t crash or do anything undefined. */
+  g_utf8_validate_len ((const gchar *) data, size, NULL);
+
+  return 0;
+}

fuzzing/meson.build

@@ -33,6 +33,7 @@ fuzz_targets = [
   'fuzz_uri_escape',
   'fuzz_uri_parse',
   'fuzz_uri_parse_params',
+  'fuzz_utf8_validate',
   'fuzz_uuid_string_is_valid',
   'fuzz_variant_binary',
   'fuzz_variant_binary_byteswap',