Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / pdfium / 05d53f0355e9889c43bfa436e985d5643f249d99 / . / testing / libfuzzer / pdf_xml_fuzzer.cc
blob: 592bf0f0667360d13d1d9484387ee0854b476819 [file] [log] [blame]
Oliver Change67d2182016-02-16 11:42:07 -0800[diff] [blame]1// Copyright 2016 The PDFium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include <cstddef>
6#include <cstdint>
7#include <limits>
8#include <memory>
9
Dan Sinclaira8a28e02016-03-23 15:41:39 -0400[diff] [blame]10#include "core/fxcrt/include/fx_basic.h"
11#include "core/fxcrt/include/fx_system.h"
Dan Sinclair1770c022016-03-14 14:14:16 -0400[diff] [blame]12#include "xfa/fxfa/parser/xfa_parser.h"
13#include "xfa/fxfa/parser/xfa_parser_imp.h"
Oliver Change67d2182016-02-16 11:42:07 -0800[diff] [blame]14
15namespace {
16
17IFDE_XMLNode* XFA_FDEExtension_GetDocumentNode(
18 IFDE_XMLDoc* pXMLDoc,
19 FX_BOOL bVerifyWellFormness = FALSE) {
20 if (!pXMLDoc) {
21 return nullptr;
22 }
23 IFDE_XMLNode* pXMLFakeRoot = pXMLDoc->GetRoot();
24 for (IFDE_XMLNode* pXMLNode =
25 pXMLFakeRoot->GetNodeItem(IFDE_XMLNode::FirstChild);
26 pXMLNode; pXMLNode = pXMLNode->GetNodeItem(IFDE_XMLNode::NextSibling)) {
27 if (pXMLNode->GetType() == FDE_XMLNODE_Element) {
28 if (bVerifyWellFormness) {
29 for (IFDE_XMLNode* pNextNode =
30 pXMLNode->GetNodeItem(IFDE_XMLNode::NextSibling);
31 pNextNode;
32 pNextNode = pNextNode->GetNodeItem(IFDE_XMLNode::NextSibling)) {
33 if (pNextNode->GetType() == FDE_XMLNODE_Element) {
34 return FALSE;
35 }
36 }
37 }
38 return pXMLNode;
39 }
40 }
41 return nullptr;
42}
43
44} // namespace
45
46extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
47 if (size > std::numeric_limits<FX_STRSIZE>::max())
48 return 0;
49
50 CFX_WideString input = CFX_WideString::FromUTF8(
51 reinterpret_cast<const char*>(data), static_cast<FX_STRSIZE>(size));
52 std::unique_ptr<IFX_Stream, ReleaseDeleter<IFX_Stream>> stream(
53 XFA_CreateWideTextRead(input));
54 if (!stream)
55 return 0;
56
57 std::unique_ptr<IFDE_XMLDoc> doc(IFDE_XMLDoc::Create());
58 if (!doc)
59 return 0;
60
61 std::unique_ptr<IFDE_XMLParser, ReleaseDeleter<IFDE_XMLParser>> parser(
62 new CXFA_XMLParser(doc->GetRoot(), stream.get()));
63 if (!parser)
64 return 0;
65
66 if (!doc->LoadXML(parser.release()))
67 return 0;
68
69 int32_t load_result = doc->DoLoad(nullptr);
70 if (load_result < 100)
71 return 0;
72
73 (void)XFA_FDEExtension_GetDocumentNode(doc.get());
74 return 0;
75}