
Robin Linden parent c04f9046 7cc79365
html2: Set up a fuzz test for the tokenizer

This mostly serves as an example for further work on fuzzing things, as the tokenizer is still too incomplete for this to be useful.

.bazelrc added: 70, removed: 5, total 65
@@ -47,6 +47,10 @@ build:linux --per_file_copt='external/boringssl[:/]@-Wno-gnu-binary-literal'
build:linux --per_file_copt='external/boringssl[:/]@-Wno-overlength-strings'
build:linux --per_file_copt='external/boringssl[:/]@-Wno-pedantic'
build:linux --per_file_copt='external/boringssl[:/]@-Wno-unused-parameter'
build:linux --per_file_copt='external/com_google_absl[:/]@-Wno-double-promotion'
build:linux --per_file_copt='external/com_google_absl[:/]@-Wno-format-nonliteral'
build:linux --per_file_copt='external/com_google_absl[:/]@-Wno-gcc-compat'
build:linux --per_file_copt='external/com_google_absl[:/]@-Wno-pedantic'
build:linux --per_file_copt='external/freetype2[:/]@-Wno-cast-function-type'
build:linux --per_file_copt='external/freetype2[:/]@-Wno-implicit-fallthrough'
build:linux --per_file_copt='external/freetype2[:/]@-Wno-missing-declarations'
@@ -63,6 +67,9 @@ build:linux --per_file_copt='external/imgui[:/]@-Wno-double-promotion'
build:linux --per_file_copt='external/libpng[:/]@-Wno-null-pointer-subtraction'
build:linux --per_file_copt='external/libpng[:/]@-Wno-undef'
build:linux --per_file_copt='external/libpng[:/]@-Wno-unused-but-set-variable'
build:linux --per_file_copt='external/rules_fuzzing[:/]@-Wno-double-promotion'
build:linux --per_file_copt='external/rules_fuzzing[:/]@-Wno-gcc-compat'
build:linux --per_file_copt='external/rules_fuzzing[:/]@-Wno-pedantic'
build:linux --per_file_copt='external/sfml[:/]@-Wno-double-promotion'
build:linux --per_file_copt='external/sfml[:/]@-Wno-implicit-fallthrough'
build:linux --per_file_copt='external/sfml[:/]@-Wno-missing-declarations'
@@ -170,6 +177,11 @@ build:clang14-coverage --action_env=BAZEL_USE_LLVM_NATIVE_COVERAGE=1
build:clang14-coverage --action_env=GCOV=llvm-profdata-14
build:clang14-coverage --experimental_generate_llvm_lcov
 
build:asan-libfuzzer --config=asan
build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing//fuzzing/engines:libfuzzer
build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_instrumentation=libfuzzer
build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_sanitizer=asan
 
# Misc configuration
# =========================================================
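Review bot: The `asan-libfuzzer` config at the end of this section builds the fuzz targets with AddressSanitizer only, so undefined behaviour that does not corrupt memory (signed overflow, out-of-range shifts) in the tokenizer would pass unreported. rules_fuzzing documents `ubsan` and `asan-ubsan` as further values for `cc_engine_sanitizer`; it is worth checking whether v0.3.2 accepts them and, if so, adding a sibling config or switching this one. The block would also benefit from a one-line comment such as `# Fuzzing: bazel run --config=asan-libfuzzer //html2:<name>_fuzz_test_run`, since the visible lines do not say how the config is meant to be invoked.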
 
 
WORKSPACE added: 70, removed: 5, total 65
@@ -9,6 +9,21 @@ http_archive(
url = "https://github.com/bazelbuild/platforms/releases/download/0.0.6/platforms-0.0.6.tar.gz",
)
 
http_archive(
name = "rules_fuzzing",
sha256 = "d9002dd3cd6437017f08593124fdd1b13b3473c7b929ceb0e60d317cb9346118",
strip_prefix = "rules_fuzzing-0.3.2",
url = "https://github.com/bazelbuild/rules_fuzzing/archive/v0.3.2.zip",
)
 
load("@rules_fuzzing//fuzzing:repositories.bzl", "rules_fuzzing_dependencies")
 
rules_fuzzing_dependencies()
 
load("@rules_fuzzing//fuzzing:init.bzl", "rules_fuzzing_init")
 
rules_fuzzing_init()
 
# Misc tools
# =========================================================
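Review bot: The `rules_fuzzing` archive is pinned by `sha256`, but `rules_fuzzing_dependencies()` and `rules_fuzzing_init()` go on to declare further external repositories whose versions and hashes are chosen inside the rule set, not in this WORKSPACE. The Abseil entries that appear in the `.bazelrc` section of this commit suggest at least one of them is now compiled into the build. A comment above the two calls, e.g. `# Pulls in transitive repositories selected by rules_fuzzing; re-audit them when bumping the version.`, would make that visible to whoever updates the pin.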
 
 
html2/BUILD added: 70, removed: 5, total 65
@@ -1,4 +1,5 @@
load("@rules_cc//cc:defs.bzl", "cc_library", "cc_test")
load("@rules_fuzzing//fuzzing:cc_defs.bzl", "cc_fuzz_test")
 
cc_library(
name = "html2",
@@ -32,4 +33,16 @@ dependencies = {
"//etest",
"@fmt",
],
) for src in glob(["*_test.cpp"])]
) for src in glob(
include = ["*_test.cpp"],
exclude = ["*_fuzz_test.cpp"],
)]
 
[cc_fuzz_test(
name = src[:-4],
size = "small",
srcs = [src],
tags = ["manual"],
target_compatible_with = ["@platforms//os:linux"],
deps = [":html2"],
) for src in glob(["*_fuzz_test.cpp"])]
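Review bot: `tags = ["manual"]` on the `cc_fuzz_test` comprehension keeps every fuzz target out of wildcard builds such as `bazel test //...`, so unless CI names them explicitly the harness will not even be compiled and can break silently when the tokenizer API changes. If the tag is there only because the targets need Linux, `target_compatible_with` already covers that; otherwise a comment stating the reason and an explicit CI target would help. `cc_fuzz_test` also accepts `corpus` and `dicts`; a small seed corpus of HTML snippets would let the regression-mode test exercise something and give libFuzzer a better starting point.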
 
filename was Deleted added: 70, removed: 5, total 65
@@ -0,0 +1,25 @@
// SPDX-FileCopyrightText: 2022 Robin Lindén <dev@robinlinden.eu>
//
// SPDX-License-Identifier: BSD-2-Clause
 
#include "html2/tokenizer.h"
 
#include <cstddef>
#include <cstdint>
#include <optional>
#include <string_view>
 
extern "C" int LLVMFuzzerTestOneInput(uint8_t const *data, size_t size);
 
extern "C" int LLVMFuzzerTestOneInput(uint8_t const *data, size_t size) {
html2::Tokenizer{std::string_view{reinterpret_cast<char const *>(data), size},
[](html2::Tokenizer &tokenizer, html2::Token &&token) {
if (auto const *start_tag = std::get_if<html2::StartTagToken>(&token)) {
if (start_tag->tag_name == "script") {
tokenizer.set_state(html2::State::ScriptData);
}
}
}}
.run();
return 0;
}
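Review bot: The harness calls `std::get_if` but includes `<optional>`, which none of the 25 added lines use, rather than `<variant>`; it presumably compiles only because `html2/tokenizer.h` pulls the header in transitively, so `#include <variant>` should replace `#include <optional>`. The callback would also benefit from a comment such as `// Stand in for the tree builder: switch to script data after <script>, as a real parser would.`, noting that this is the only parser-driven state switch the harness mirrors. States that a parser selects for other elements are therefore presumably reached only if the tokenizer enters them on its own, which limits what the fuzzer can cover.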