fuzzing: Add a fuzz test for g_utf8_validate()

Since it’s used extensively and has to handle untrusted arbitrary binary
input.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This commit is contained in:
Philip Withnall 2022-11-07 12:56:31 +00:00
parent 483b6f2214
commit 46259f612e
2 changed files with 33 additions and 0 deletions

View File

@ -0,0 +1,32 @@
/*
* Copyright 2022 Endless OS Foundation, LLC
*
* SPDX-License-Identifier: LGPL-2.1-or-later
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include "fuzz.h"
int
LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
{
fuzz_set_logging_func ();
/* We dont care whether the fuzzer provides valid or invalid UTF-8 data, just
* that the validation function doesnt crash or do anything undefined. */
g_utf8_validate_len ((const gchar *) data, size, NULL);
return 0;
}

View File

@ -33,6 +33,7 @@ fuzz_targets = [
'fuzz_uri_escape', 'fuzz_uri_escape',
'fuzz_uri_parse', 'fuzz_uri_parse',
'fuzz_uri_parse_params', 'fuzz_uri_parse_params',
'fuzz_utf8_validate',
'fuzz_uuid_string_is_valid', 'fuzz_uuid_string_is_valid',
'fuzz_variant_binary', 'fuzz_variant_binary',
'fuzz_variant_binary_byteswap', 'fuzz_variant_binary_byteswap',