VirtualBox

source: vbox/trunk/src/libs/libxml2-2.9.14/fuzz/xpath.c@ 102797

Last change on this file since 102797 was 95312, checked in by vboxsync, 3 years ago

libs/{curl,libxml2}: OSE export fixes, bugref:8515
  • Property svn:eol-style set to native
File size: 1.2 KB
Line 
1/*
2 * xpath.c: a libFuzzer target to test XPath and XPointer expressions.
3 *
4 * See Copyright for the status of this software.
5 */
6
7#include <libxml/parser.h>
8#include <libxml/xpointer.h>
9#include "fuzz.h"
10
11int
12LLVMFuzzerInitialize(int *argc ATTRIBUTE_UNUSED,
13 char ***argv ATTRIBUTE_UNUSED) {
14 xmlInitParser();
15 xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
16
17 return 0;
18}
19
20int
21LLVMFuzzerTestOneInput(const char *data, size_t size) {
22 xmlDocPtr doc;
23 const char *expr, *xml;
24 size_t exprSize, xmlSize;
25
26 if (size > 10000)
27 return(0);
28
29 xmlFuzzDataInit(data, size);
30
31 expr = xmlFuzzReadString(&exprSize);
32 xml = xmlFuzzReadString(&xmlSize);
33
34 /* Recovery mode allows more input to be fuzzed. */
35 doc = xmlReadMemory(xml, xmlSize, NULL, NULL, XML_PARSE_RECOVER);
36 if (doc != NULL) {
37 xmlXPathContextPtr xpctxt = xmlXPathNewContext(doc);
38
39 /* Operation limit to avoid timeout */
40 xpctxt->opLimit = 500000;
41
42 xmlXPathFreeObject(xmlXPtrEval(BAD_CAST expr, xpctxt));
43 xmlXPathFreeContext(xpctxt);
44 }
45 xmlFreeDoc(doc);
46
47 xmlFuzzDataCleanup();
48 xmlResetLastError();
49
50 return(0);
51}
52
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette