/src/jq/tests/jq_fuzz_parse_extended.c

Source
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#include "jv.h"

int LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
  if (size < 8) {
    return 0;
  }

  int fuzz_flags = *(int*)data;
  data += 4;
  size -= 4;
  int dump_flags = *(int*)data;
  data += 4;
  size -= 4;

  // Creat null-terminated string
  char *null_terminated = (char *)malloc(size + 1);
  memcpy(null_terminated, (char *)data, size);
  null_terminated[size] = '\0';

  // Fuzzer entrypoint
  jv res = jv_parse_custom_flags(null_terminated, fuzz_flags);
  if (jv_is_valid(res)) {
    jv_dump(res, dump_flags);
  } else {
    jv_free(res);
  }

  // Free the null-terminated string
  free(null_terminated);

  return 0;
}

Line	Count	Source
1		#include <stdint.h>
2		#include <stdlib.h>
3		#include <string.h>
4
5		#include "jv.h"
6
7	4.46k	int LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
8	4.46k	if (size < 8) {
9	4	return 0;
10	4	}
11
12	4.46k	int fuzz_flags = (int)data;
13	4.46k	data += 4;
14	4.46k	size -= 4;
15	4.46k	int dump_flags = (int)data;
16	4.46k	data += 4;
17	4.46k	size -= 4;
18
19		// Creat null-terminated string
20	4.46k	char null_terminated = (char )malloc(size + 1);
21	4.46k	memcpy(null_terminated, (char *)data, size);
22	4.46k	null_terminated[size] = '\0';
23
24		// Fuzzer entrypoint
25	4.46k	jv res = jv_parse_custom_flags(null_terminated, fuzz_flags);
26	4.46k	if (jv_is_valid(res)) {
27	2.53k	jv_dump(res, dump_flags);
28	2.53k	} else {
29	1.92k	jv_free(res);
30	1.92k	}
31
32		// Free the null-terminated string
33	4.46k	free(null_terminated);
34
35	4.46k	return 0;
36	4.46k	}

Coverage Report

Created: 2025-08-28 06:40