| Oliver Chang | e67d218 | 2016-02-16 11:42:07 -0800 | [diff] [blame^] | 1 | // Copyright 2016 The PDFium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include <cstddef> |
| 6 | #include <cstdint> |
| 7 | #include <limits> |
| 8 | #include <memory> |
| 9 | |
| 10 | #include "core/include/fxcrt/fx_basic.h" |
| 11 | #include "core/include/fxcrt/fx_system.h" |
| 12 | #include "xfa/src/foxitlib.h" |
| 13 | #include "xfa/src/fxfa/src/common/xfa_common.h" |
| 14 | #include "xfa/src/fxfa/src/parser/xfa_parser_imp.h" |
| 15 | |
| 16 | namespace { |
| 17 | |
| 18 | IFDE_XMLNode* XFA_FDEExtension_GetDocumentNode( |
| 19 | IFDE_XMLDoc* pXMLDoc, |
| 20 | FX_BOOL bVerifyWellFormness = FALSE) { |
| 21 | if (!pXMLDoc) { |
| 22 | return nullptr; |
| 23 | } |
| 24 | IFDE_XMLNode* pXMLFakeRoot = pXMLDoc->GetRoot(); |
| 25 | for (IFDE_XMLNode* pXMLNode = |
| 26 | pXMLFakeRoot->GetNodeItem(IFDE_XMLNode::FirstChild); |
| 27 | pXMLNode; pXMLNode = pXMLNode->GetNodeItem(IFDE_XMLNode::NextSibling)) { |
| 28 | if (pXMLNode->GetType() == FDE_XMLNODE_Element) { |
| 29 | if (bVerifyWellFormness) { |
| 30 | for (IFDE_XMLNode* pNextNode = |
| 31 | pXMLNode->GetNodeItem(IFDE_XMLNode::NextSibling); |
| 32 | pNextNode; |
| 33 | pNextNode = pNextNode->GetNodeItem(IFDE_XMLNode::NextSibling)) { |
| 34 | if (pNextNode->GetType() == FDE_XMLNODE_Element) { |
| 35 | return FALSE; |
| 36 | } |
| 37 | } |
| 38 | } |
| 39 | return pXMLNode; |
| 40 | } |
| 41 | } |
| 42 | return nullptr; |
| 43 | } |
| 44 | |
| 45 | } // namespace |
| 46 | |
| 47 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
| 48 | if (size > std::numeric_limits<FX_STRSIZE>::max()) |
| 49 | return 0; |
| 50 | |
| 51 | CFX_WideString input = CFX_WideString::FromUTF8( |
| 52 | reinterpret_cast<const char*>(data), static_cast<FX_STRSIZE>(size)); |
| 53 | std::unique_ptr<IFX_Stream, ReleaseDeleter<IFX_Stream>> stream( |
| 54 | XFA_CreateWideTextRead(input)); |
| 55 | if (!stream) |
| 56 | return 0; |
| 57 | |
| 58 | std::unique_ptr<IFDE_XMLDoc> doc(IFDE_XMLDoc::Create()); |
| 59 | if (!doc) |
| 60 | return 0; |
| 61 | |
| 62 | std::unique_ptr<IFDE_XMLParser, ReleaseDeleter<IFDE_XMLParser>> parser( |
| 63 | new CXFA_XMLParser(doc->GetRoot(), stream.get())); |
| 64 | if (!parser) |
| 65 | return 0; |
| 66 | |
| 67 | if (!doc->LoadXML(parser.release())) |
| 68 | return 0; |
| 69 | |
| 70 | int32_t load_result = doc->DoLoad(nullptr); |
| 71 | if (load_result < 100) |
| 72 | return 0; |
| 73 | |
| 74 | (void)XFA_FDEExtension_GetDocumentNode(doc.get()); |
| 75 | return 0; |
| 76 | } |