/src/node/test/fuzzers/fuzz_string_decoder.cc

Source
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include <cstdint>
#include <string>
#include "fuzzer/FuzzedDataProvider.h"
#include "fuzz_common.h"
#include "fuzz_js_format.h"

namespace {
constexpr const char* kSrc = R"JS(
  (function(a, b, c){
    const { StringDecoder } = require('node:string_decoder');
    const decoder = new StringDecoder('utf8');
    decoder.write(Buffer.from(a));
    decoder.write(Buffer.from(b));
    decoder.end(Buffer.from(c));
  })
)JS";
} // namespace

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  FuzzedDataProvider fdp(data, size);

  const size_t len0 = fdp.ConsumeIntegralInRange<size_t>(0, 4096);
  const std::string a0 = fdp.ConsumeRandomLengthString(len0);
  const size_t len1 = fdp.ConsumeIntegralInRange<size_t>(0, 4096);
  const std::string a1 = fdp.ConsumeRandomLengthString(len1);
  const std::string a2 = fdp.ConsumeRemainingBytesAsString();

  fuzz::IsolateScope iso;
  if (!iso.ok()) return 0;

  const std::string js = FormatJs(
      "try { ({0})({1},{2},{3}); } catch (e) {}",
      std::string(kSrc),
      ToSingleQuotedJsLiteral(a0),
      ToSingleQuotedJsLiteral(a1),
      ToSingleQuotedJsLiteral(a2));
  fuzz::RunEnvString(iso.isolate(), js.c_str());
  return 0;
}

Line	Count	Source
1		// Copyright 2025 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.
14
15		#include <cstdint>
16		#include <string>
17		#include "fuzzer/FuzzedDataProvider.h"
18		#include "fuzz_common.h"
19		#include "fuzz_js_format.h"
20
21		namespace {
22		constexpr const char* kSrc = R"JS(
23		(function(a, b, c){
24		const { StringDecoder } = require('node:string_decoder');
25		const decoder = new StringDecoder('utf8');
26		decoder.write(Buffer.from(a));
27		decoder.write(Buffer.from(b));
28		decoder.end(Buffer.from(c));
29		})
30		)JS";
31		} // namespace
32
33	22.0k	extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
34	22.0k	FuzzedDataProvider fdp(data, size);
35
36	22.0k	const size_t len0 = fdp.ConsumeIntegralInRange<size_t>(0, 4096);
37	22.0k	const std::string a0 = fdp.ConsumeRandomLengthString(len0);
38	22.0k	const size_t len1 = fdp.ConsumeIntegralInRange<size_t>(0, 4096);
39	22.0k	const std::string a1 = fdp.ConsumeRandomLengthString(len1);
40	22.0k	const std::string a2 = fdp.ConsumeRemainingBytesAsString();
41
42	22.0k	fuzz::IsolateScope iso;
43	22.0k	if (!iso.ok()) return 0;
44
45	22.0k	const std::string js = FormatJs(
46	22.0k	"try { ({0})({1},{2},{3}); } catch (e) {}",
47	22.0k	std::string(kSrc),
48	22.0k	ToSingleQuotedJsLiteral(a0),
49	22.0k	ToSingleQuotedJsLiteral(a1),
50	22.0k	ToSingleQuotedJsLiteral(a2));
51	22.0k	fuzz::RunEnvString(iso.isolate(), js.c_str());
52	22.0k	return 0;
53	22.0k	}

Coverage Report

Created: 2025-10-31 09:06