LCOV - code coverage report
Current view: top level - discof/rpcserver - fuzz_json_lex.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 10 11 90.9 %
Date: 2025-03-20 12:08:36 Functions: 1 2 50.0 %

          Line data    Source code
       1             : #include <stdlib.h>
       2             : #include <unistd.h>
       3             : 
       4             : #include "../../util/fd_util.h"
       5             : #include "json_lex.h"
       6             : 
       7             : # define SMAX (1L<<20UL)
       8             : # define FMAX (1UL)
       9             : uchar scratch_mem [ SMAX ] __attribute__((aligned(FD_SCRATCH_SMEM_ALIGN)));
      10             : ulong scratch_fmem[ FMAX ] __attribute((aligned(FD_SCRATCH_FMEM_ALIGN)));
      11             : 
      12             : struct json_lex_state *lex_state = NULL;
      13             : 
      14           0 : void free_lex_state( void ) { free(lex_state); }
      15             : 
      16          15 : int LLVMFuzzerInitialize(int *argc, char ***argv) {
      17             :   /* Set up shell without signal handlers */
      18          15 :   putenv("FD_LOG_BACKTRACE=0");
      19          15 :   fd_boot(argc, argv);
      20          15 :   atexit(fd_halt);
      21          15 :   fd_log_level_core_set(3); /* crash on warning log */
      22             : 
      23          15 :   lex_state = malloc(sizeof(struct json_lex_state));
      24          15 :   atexit(free_lex_state);
      25             : 
      26             :   /* Disable parsing error logging */
      27          15 :   fd_log_level_stderr_set(4);
      28          15 :   return 0;
      29          15 : }
      30             : 
      31             : int
      32             : LLVMFuzzerTestOneInput(uchar const *data, ulong size) {
      33             :   fd_scratch_attach( scratch_mem, scratch_fmem, SMAX, FMAX );
      34             :   fd_scratch_push();
      35             :   json_lex_state_new(lex_state, (const char *)data, size);
      36             :   for (;;) {
      37             :     long token_type = json_lex_next_token(lex_state);
      38             : 
      39             :     if (token_type == JSON_TOKEN_END || token_type == JSON_TOKEN_ERROR) {
      40             :       break;
      41             :     }
      42             : 
      43             :     ulong sz_out;
      44             :     const char *out = json_lex_get_text(lex_state, &sz_out);
      45             : 
      46             :     if (sz_out) {
      47             :       // Access the first and last byte of the state
      48             :       const char a __attribute__((unused)) = out[0];
      49             : 
      50             :       // An ASAN hit here would mean that json_lex_get_text claims that we can
      51             :       // read further than we can.
      52             :       const char b __attribute__((unused)) = out[sz_out - 1];
      53             :     }
      54             :   }
      55             : 
      56             :   json_lex_state_delete(lex_state);
      57             :   fd_scratch_pop();
      58             :   fd_scratch_detach( NULL );
      59             :   return 0;
      60             : }

Generated by: LCOV version 1.14