File: snappy_uncompress_fuzzer.cc

package info (click to toggle)
chromium 73.0.3683.75-1~deb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 1,792,156 kB
  • sloc: cpp: 13,473,466; ansic: 1,577,080; python: 898,539; javascript: 655,737; xml: 341,883; asm: 306,070; java: 289,969; perl: 80,911; objc: 67,198; sh: 43,184; cs: 27,853; makefile: 12,092; php: 11,064; yacc: 10,373; tcl: 8,875; ruby: 3,941; lex: 1,800; pascal: 1,473; lisp: 812; awk: 41; jsp: 39; sed: 19; sql: 3
file content (25 lines) | stat: -rw-r--r-- 867 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include <stddef.h>
#include <stdint.h>

#include "third_party/snappy/src/snappy-sinksource.h"
#include "third_party/snappy/src/snappy.h"

// Entry point for LibFuzzer.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  snappy::ByteArraySource src(reinterpret_cast<const char*>(data), size);
  uint32_t len;
  // Note: src is invalid after GetUncompressedLength call.
  if (!snappy::GetUncompressedLength(&src, &len) || (len > 1E6)) {
    // We have to bail out, to avoid self-crafted decompression bombs.
    return 0;
  }

  std::string uncompressed_str;
  snappy::Uncompress(reinterpret_cast<const char*>(data), size,
                     &uncompressed_str);
  return 0;
}