/src/cjson/fuzzing/cjson_read_fuzzer.c

Source (jump to first uncovered line)
#include <stdlib.h>
#include <stdint.h>
#include <string.h>

#ifdef __cplusplus
extern "C" {
#endif

#include "../cJSON.h"

int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */

int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    cJSON *json;
    size_t offset = 4;
    unsigned char *copied;
    char *printed_json = NULL;
    int minify, require_termination, formatted, buffered;


    if(size <= offset) return 0;
    if(data[size-1] != '\0') return 0;
    if(data[0] != '1' && data[0] != '0') return 0;
    if(data[1] != '1' && data[1] != '0') return 0;
    if(data[2] != '1' && data[2] != '0') return 0;
    if(data[3] != '1' && data[3] != '0') return 0;

    minify              = data[0] == '1' ? 1 : 0;
    require_termination = data[1] == '1' ? 1 : 0;
    formatted           = data[2] == '1' ? 1 : 0;
    buffered            = data[3] == '1' ? 1 : 0;

    json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);

    if(json == NULL) return 0;

    if(buffered)
    {
        printed_json = cJSON_PrintBuffered(json, 1, formatted);
    }
    else
    {
        /* unbuffered printing */
        if(formatted)
        {
            printed_json = cJSON_Print(json);
        }
        else
        {
            printed_json = cJSON_PrintUnformatted(json);
        }
    }

    if(printed_json != NULL) free(printed_json);

    if(minify)
    {
        copied = (unsigned char*)malloc(size);
        if(copied == NULL) return 0;

        memcpy(copied, data, size);

        cJSON_Minify((char*)copied + offset);

        free(copied);
    }

    cJSON_Delete(json);

    return 0;
}

#ifdef __cplusplus
}
#endif


Line	Count	Source (jump to first uncovered line)
1		#include <stdlib.h>
2		#include <stdint.h>
3		#include <string.h>
4
5		#ifdef __cplusplus
6		extern "C" {
7		#endif
8
9		#include "../cJSON.h"
10
11		int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */
12
13		int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
14	2.04k	{
15	2.04k	cJSON *json;
16	2.04k	size_t offset = 4;
17	2.04k	unsigned char *copied;
18	2.04k	char *printed_json = NULL;
19	2.04k	int minify, require_termination, formatted, buffered;
20
21
22	2.04k	if(size <= offset) return 0;
23	2.04k	if(data[size-1] != '\0') return 0;
24	2.03k	if(data[0] != '1' && data[0] != '0') return 0;
25	2.02k	if(data[1] != '1' && data[1] != '0') return 0;
26	2.00k	if(data[2] != '1' && data[2] != '0') return 0;
27	1.99k	if(data[3] != '1' && data[3] != '0') return 0;
28
29	1.98k	minify = data[0] == '1' ? 1 : 0;
30	1.98k	require_termination = data[1] == '1' ? 1 : 0;
31	1.98k	formatted = data[2] == '1' ? 1 : 0;
32	1.98k	buffered = data[3] == '1' ? 1 : 0;
33
34	1.98k	json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);
35
36	1.98k	if(json == NULL) return 0;
37
38	1.04k	if(buffered)
39	507	{
40	507	printed_json = cJSON_PrintBuffered(json, 1, formatted);
41	507	}
42	539	else
43	539	{
44		/* unbuffered printing */
45	539	if(formatted)
46	279	{
47	279	printed_json = cJSON_Print(json);
48	279	}
49	260	else
50	260	{
51	260	printed_json = cJSON_PrintUnformatted(json);
52	260	}
53	539	}
54
55	1.04k	if(printed_json != NULL) free(printed_json);
56
57	1.04k	if(minify)
58	852	{
59	852	copied = (unsigned char*)malloc(size);
60	852	if(copied == NULL) return 0;
61
62	852	memcpy(copied, data, size);
63
64	852	cJSON_Minify((char*)copied + offset);
65
66	852	free(copied);
67	852	}
68
69	1.04k	cJSON_Delete(json);
70
71	1.04k	return 0;
72	1.04k	}
73
74		#ifdef __cplusplus
75		}
76		#endif
77

Coverage Report

Created: 2025-08-29 06:27