Coverage Report

Created: 2025-12-10 06:46

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/cjson/fuzzing/cjson_read_fuzzer.c
Line
Count
Source
1
#include <stdlib.h>
2
#include <stdint.h>
3
#include <string.h>
4
5
#ifdef __cplusplus
6
extern "C" {
7
#endif
8
9
#include "../cJSON.h"
10
11
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */
12
13
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
14
1.76k
{
15
1.76k
    cJSON *json;
16
1.76k
    size_t offset = 4;
17
1.76k
    unsigned char *copied;
18
1.76k
    char *printed_json = NULL;
19
1.76k
    int minify, require_termination, formatted, buffered;
20
21
22
1.76k
    if(size <= offset) return 0;
23
1.75k
    if(data[size-1] != '\0') return 0;
24
1.75k
    if(data[0] != '1' && data[0] != '0') return 0;
25
1.73k
    if(data[1] != '1' && data[1] != '0') return 0;
26
1.72k
    if(data[2] != '1' && data[2] != '0') return 0;
27
1.70k
    if(data[3] != '1' && data[3] != '0') return 0;
28
29
1.69k
    minify              = data[0] == '1' ? 1 : 0;
30
1.69k
    require_termination = data[1] == '1' ? 1 : 0;
31
1.69k
    formatted           = data[2] == '1' ? 1 : 0;
32
1.69k
    buffered            = data[3] == '1' ? 1 : 0;
33
34
1.69k
    json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);
35
36
1.69k
    if(json == NULL) return 0;
37
38
938
    if(buffered)
39
509
    {
40
509
        printed_json = cJSON_PrintBuffered(json, 1, formatted);
41
509
    }
42
429
    else
43
429
    {
44
        /* unbuffered printing */
45
429
        if(formatted)
46
228
        {
47
228
            printed_json = cJSON_Print(json);
48
228
        }
49
201
        else
50
201
        {
51
201
            printed_json = cJSON_PrintUnformatted(json);
52
201
        }
53
429
    }
54
55
938
    if(printed_json != NULL) free(printed_json);
56
57
938
    if(minify)
58
815
    {
59
815
        copied = (unsigned char*)malloc(size);
60
815
        if(copied == NULL) return 0;
61
62
815
        memcpy(copied, data, size);
63
64
815
        cJSON_Minify((char*)copied + offset);
65
66
815
        free(copied);
67
815
    }
68
69
938
    cJSON_Delete(json);
70
71
938
    return 0;
72
938
}
73
74
#ifdef __cplusplus
75
}
76
#endif
77