/src/php-src/sapi/fuzzer/fuzzer-parser.c

Source
/*
   +----------------------------------------------------------------------+
   | Copyright (c) The PHP Group                                          |
   +----------------------------------------------------------------------+
   | This source file is subject to version 3.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available through the world-wide-web at the following url:           |
   | http://www.php.net/license/3_01.txt                                  |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Authors: Johannes Schlüter <johanes@php.net>                         |
   |          Stanislav Malyshev <stas@php.net>                           |
   +----------------------------------------------------------------------+
 */

#include <main/php.h>
#include <main/php_main.h>
#include <main/SAPI.h>
#include <ext/standard/info.h>
#include <ext/standard/php_var.h>
#include <main/php_variables.h>

#include "fuzzer.h"
#include "fuzzer-sapi.h"

int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  char *s;
  if (Size > 32 * 1024) {
    /* Large inputs have a large impact on fuzzer performance,
     * but are unlikely to be necessary to reach new codepaths. */
    return 0;
  }

  s = malloc(Size+1);
  memcpy(s, Data, Size);
  s[Size] = '\0';

  fuzzer_do_request_from_buffer("fuzzer.php", s, Size);

  /* Do not free s: fuzzer_do_request_from_buffer() takes ownership of the allocation. */
  return 0;
}

int LLVMFuzzerInitialize(int *argc, char ***argv) {
  /* Compilation will often trigger fatal errors.
   * Use tracked allocation mode to avoid leaks in that case. */
  putenv("USE_TRACKED_ALLOC=1");

  fuzzer_init_php();

  /* fuzzer_shutdown_php(); */
  return 0;
}

Line	Count	Source
1		/*
2		+----------------------------------------------------------------------+
3		\| Copyright (c) The PHP Group \|
4		+----------------------------------------------------------------------+
5		\| This source file is subject to version 3.01 of the PHP license, \|
6		\| that is bundled with this package in the file LICENSE, and is \|
7		\| available through the world-wide-web at the following url: \|
8		\| http://www.php.net/license/3_01.txt \|
9		\| If you did not receive a copy of the PHP license and are unable to \|
10		\| obtain it through the world-wide-web, please send a note to \|
11		\| license@php.net so we can mail you a copy immediately. \|
12		+----------------------------------------------------------------------+
13		\| Authors: Johannes Schlüter <johanes@php.net> \|
14		\| Stanislav Malyshev <stas@php.net> \|
15		+----------------------------------------------------------------------+
16		*/
17
18		#include <main/php.h>
19		#include <main/php_main.h>
20		#include <main/SAPI.h>
21		#include <ext/standard/info.h>
22		#include <ext/standard/php_var.h>
23		#include <main/php_variables.h>
24
25		#include "fuzzer.h"
26		#include "fuzzer-sapi.h"
27
28	386k	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
29	386k	char *s;
30	386k	if (Size > 32 * 1024) {
31		/* Large inputs have a large impact on fuzzer performance,
32		* but are unlikely to be necessary to reach new codepaths. */
33	3.31k	return 0;
34	3.31k	}
35
36	383k	s = malloc(Size+1);
37	383k	memcpy(s, Data, Size);
38	383k	s[Size] = '\0';
39
40	383k	fuzzer_do_request_from_buffer("fuzzer.php", s, Size);
41
42		/* Do not free s: fuzzer_do_request_from_buffer() takes ownership of the allocation. */
43	383k	return 0;
44	383k	}
45
46	3.54k	int LLVMFuzzerInitialize(int argc, char **argv) {
47		/* Compilation will often trigger fatal errors.
48		* Use tracked allocation mode to avoid leaks in that case. */
49	3.54k	putenv("USE_TRACKED_ALLOC=1");
50
51	3.54k	fuzzer_init_php();
52
53		/* fuzzer_shutdown_php(); */
54	3.54k	return 0;
55	3.54k	}

Coverage Report

Created: 2022-10-14 11:20