File: redaction_tool_fuzzer.cc

package info (click to toggle)
chromium 145.0.7632.159-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 5,976,224 kB
  • sloc: cpp: 36,198,469; ansic: 7,634,080; javascript: 3,564,060; python: 1,649,622; xml: 838,470; asm: 717,087; pascal: 185,708; sh: 88,786; perl: 88,718; objc: 79,984; sql: 59,811; cs: 42,452; fortran: 24,101; makefile: 21,144; tcl: 15,277; php: 14,022; yacc: 9,066; ruby: 7,553; awk: 3,720; lisp: 3,233; lex: 1,328; ada: 727; jsp: 228; sed: 36
file content (50 lines) | stat: -rw-r--r-- 2,088 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "components/feedback/redaction_tool/redaction_tool.h"

#include <fuzzer/FuzzedDataProvider.h>
#include <stddef.h>
#include <stdint.h>

#include <memory>
#include <string>
#include <vector>

#include "base/compiler_specific.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  FuzzedDataProvider provider(data, size);

  int first_party_extension_id_count = provider.ConsumeIntegralInRange(-1, 50);
  // This is the storage for the strings inside first_party_extension_ids. This
  // is to make sure the char *'s we pass to the RedactionTool constructor are
  // deleted correctly -- they must be deleted after redactor is destructed, but
  // not leaked.
  std::vector<std::string> first_party_extension_id_store;
  // The first_party_extension_ids we pass to the RedactionTool constructor.
  // This owns the array but not the pointed-to strings. Note that if
  // first_party_extension_id_count is -1, this is not set so we pass nullptr to
  // the constructor; that's deliberate.
  std::unique_ptr<const char*[]> first_party_extension_ids;
  if (first_party_extension_id_count >= 0) {
    first_party_extension_id_store.reserve(first_party_extension_id_count);
    first_party_extension_ids =
        std::make_unique<const char*[]>(first_party_extension_id_count + 1);
    for (int i = 0; i < first_party_extension_id_count; ++i) {
      constexpr int kArbitraryMaxNameLength = 4096;
      first_party_extension_id_store.emplace_back(
          provider.ConsumeRandomLengthString(kArbitraryMaxNameLength));
      UNSAFE_TODO(first_party_extension_ids[i]) =
          first_party_extension_id_store[i].c_str();
    }
    UNSAFE_TODO(first_party_extension_ids[first_party_extension_id_count]) =
        nullptr;
  }

  redaction::RedactionTool redactor(first_party_extension_ids.get());
  redactor.EnableCreditCardRedaction(true);
  redactor.Redact(provider.ConsumeRemainingBytesAsString());
  return 0;
}