LCOV - code coverage report
Current view: top level - flamenco/rpcserver - fuzz_json_lex.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 9 10 90.0 %
Date: 2024-11-13 11:58:15 Functions: 1 2 50.0 % 

          Line data    Source code
       1             : #include <stdio.h>
       2             : #include <stdlib.h>
       3             : #include <unistd.h>
       4             : 
       5             : #include "../../util/fd_util.h"
       6             : #include "json_lex.h"
       7             : 
       8             : struct json_lex_state *lex_state = NULL;
       9             : 
      10           0 : void free_lex_state(void) { free(lex_state); }
      11             : 
      12          18 : int LLVMFuzzerInitialize(int *argc, char ***argv) {
      13             :   /* Set up shell without signal handlers */
      14          18 :   putenv("FD_LOG_BACKTRACE=0");
      15          18 :   fd_boot(argc, argv);
      16          18 :   atexit(fd_halt);
      17             : 
      18          18 :   lex_state = malloc(sizeof(struct json_lex_state));
      19          18 :   atexit(free_lex_state);
      20             : 
      21             :   /* Disable parsing error logging */
      22          18 :   fd_log_level_stderr_set(4);
      23          18 :   return 0;
      24          18 : }
      25             : 
      26             : int
      27             : LLVMFuzzerTestOneInput(uchar const *data, ulong size) {
      28             :   json_lex_state_new(lex_state, (const char *)data, size);
      29             : 
      30             :   for (;;) {
      31             :     long token_type = json_lex_next_token(lex_state);
      32             : 
      33             :     if (token_type == JSON_TOKEN_END || token_type == JSON_TOKEN_ERROR) {
      34             :       json_lex_state_delete(lex_state);
      35             :       return 0;
      36             :     }
      37             : 
      38             :     ulong sz_out;
      39             :     const char *out = json_lex_get_text(lex_state, &sz_out);
      40             : 
      41             :     if (sz_out) {
      42             :       // Access the first and last byte of the state
      43             :       const char a __attribute__((unused)) = out[0];
      44             : 
      45             :       // A asan hit here would mean that json_lex_get_text claims that we can
      46             :       // read further than we can.
      47             :       const char b __attribute__((unused)) = out[sz_out - 1];
      48             :     }
      49             :   }
      50             : 
      51             :   return 0;
      52             : }

Generated by: LCOV version 1.14