cJSON/fuzzing/cjson_read_fuzzer.c

#include <stdlib.h>
#include <stdint.h>
#include <string.h>

#ifdef __cplusplus
extern "C" {
#endif

#include "../cJSON.h"

int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */

int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    cJSON *json;
    size_t offset = 4;
    unsigned char *copied;
    char *printed_json = NULL;
    int minify, require_termination, formatted, buffered;


    if(size <= offset) return 0;
    if(data[size-1] != '\0') return 0;
    if(data[0] != '1' && data[0] != '0') return 0;
    if(data[1] != '1' && data[1] != '0') return 0;
    if(data[2] != '1' && data[2] != '0') return 0;
    if(data[3] != '1' && data[3] != '0') return 0;

    minify              = data[0] == '1' ? 1 : 0;
    require_termination = data[1] == '1' ? 1 : 0;
    formatted           = data[2] == '1' ? 1 : 0;
    buffered            = data[3] == '1' ? 1 : 0;

    json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);

    if(json == NULL) return 0;

    if(buffered)
    {
        printed_json = cJSON_PrintBuffered(json, 1, formatted);
    }
    else
    {
        /* unbuffered printing */
        if(formatted)
        {
            printed_json = cJSON_Print(json);
        }
        else
        {
            printed_json = cJSON_PrintUnformatted(json);
        }
    }

    if(printed_json != NULL) free(printed_json);

    if(minify)
    {
        copied = (unsigned char*)malloc(size);
        if(copied == NULL) return 0;

        memcpy(copied, data, size);

        cJSON_Minify((char*)copied + offset);

        free(copied);
    }

    cJSON_Delete(json);

    return 0;
}

#ifdef __cplusplus
}
#endif
add fuzz target 2019-07-11 11:56:07 +00:00			`#include <stdlib.h>`
			`#include <stdint.h>`
update fuzzer 2019-07-11 12:42:27 +00:00			`#include <string.h>`
add fuzz target 2019-07-11 11:56:07 +00:00
fuzz: add support for compiling with c++ compiler 2019-10-22 11:32:41 +00:00			`#ifdef __cplusplus`
			`extern "C" {`
			`#endif`

add fuzz target 2019-07-11 11:56:07 +00:00			`#include "../cJSON.h"`

convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00			`int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */`

add fuzzer driver, integrate with build system 2019-08-24 15:42:48 +00:00			`int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)`
add fuzz target 2019-07-11 11:56:07 +00:00			`{`
add fuzzer driver, integrate with build system 2019-08-24 15:42:48 +00:00			`cJSON *json;`
update fuzzer 2019-07-11 12:42:27 +00:00			`size_t offset = 4;`
add fuzzer driver, integrate with build system 2019-08-24 15:42:48 +00:00			`unsigned char *copied;`
			`char *printed_json = NULL;`
			`int minify, require_termination, formatted, buffered;`

add fuzz target 2019-07-11 11:56:07 +00:00
update fuzzer 2019-07-11 13:09:10 +00:00			`if(size <= offset) return 0;`
convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00			`if(data[size-1] != '\0') return 0;`
update fuzzer 2019-07-11 12:42:27 +00:00			`if(data[0] != '1' && data[0] != '0') return 0;`
			`if(data[1] != '1' && data[1] != '0') return 0;`
			`if(data[2] != '1' && data[2] != '0') return 0;`
			`if(data[3] != '1' && data[3] != '0') return 0;`

add fuzzer driver, integrate with build system 2019-08-24 15:42:48 +00:00			`minify = data[0] == '1' ? 1 : 0;`
			`require_termination = data[1] == '1' ? 1 : 0;`
			`formatted = data[2] == '1' ? 1 : 0;`
			`buffered = data[3] == '1' ? 1 : 0;`
update fuzzer 2019-07-11 12:42:27 +00:00
convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00			`json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);`
update fuzzer 2019-07-11 13:03:04 +00:00
convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00			`if(json == NULL) return 0;`
add fuzz target 2019-07-11 11:56:07 +00:00
update fuzzer 2019-07-11 12:42:27 +00:00			`if(buffered)`
add fuzz target 2019-07-11 11:56:07 +00:00			`{`
update fuzzer 2019-07-11 12:42:27 +00:00			`printed_json = cJSON_PrintBuffered(json, 1, formatted);`
add fuzz target 2019-07-11 11:56:07 +00:00			`}`
			`else`
			`{`
			`/* unbuffered printing */`
update fuzzer 2019-07-11 12:42:27 +00:00			`if(formatted)`
add fuzz target 2019-07-11 11:56:07 +00:00			`{`
			`printed_json = cJSON_Print(json);`
			`}`
			`else`
			`{`
			`printed_json = cJSON_PrintUnformatted(json);`
			`}`
			`}`

			`if(printed_json != NULL) free(printed_json);`
update fuzzer 2019-07-11 12:42:27 +00:00
			`if(minify)`
			`{`
convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00			`copied = (unsigned char*)malloc(size);`
			`if(copied == NULL) return 0;`

			`memcpy(copied, data, size);`

update fuzzer 2019-07-11 13:03:04 +00:00			`cJSON_Minify((char*)copied + offset);`
convert fuzz target to c89, optimize 2019-10-21 13:27:47 +00:00
			`free(copied);`
update fuzzer 2019-07-11 12:42:27 +00:00			`}`

add fuzz target 2019-07-11 11:56:07 +00:00			`cJSON_Delete(json);`

			`return 0;`
			`}`
fuzz: add support for compiling with c++ compiler 2019-10-22 11:32:41 +00:00
			`#ifdef __cplusplus`
			`}`
add new line to endif 2019-10-29 04:47:36 +00:00			`#endif`