/src/php-src/sapi/fuzzer/fuzzer-parser.c

Source
/*
   +----------------------------------------------------------------------+
   | Copyright © The PHP Group and Contributors.                          |
   +----------------------------------------------------------------------+
   | This source file is subject to the Modified BSD License that is      |
   | bundled with this package in the file LICENSE, and is available      |
   | through the World Wide Web at <https://www.php.net/license/>.        |
   |                                                                      |
   | SPDX-License-Identifier: BSD-3-Clause                                |
   +----------------------------------------------------------------------+
   | Authors: Johannes Schlüter <johanes@php.net>                         |
   |          Stanislav Malyshev <stas@php.net>                           |
   +----------------------------------------------------------------------+
 */

#include <main/php.h>
#include <main/php_main.h>
#include <main/SAPI.h>
#include <ext/standard/info.h>
#include <ext/standard/php_var.h>
#include <main/php_variables.h>

#include "fuzzer.h"
#include "fuzzer-sapi.h"

int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  if (Size > 6 * 1024) {
    /* Large inputs have a large impact on fuzzer performance and may cause stack overflows,
     * but are unlikely to be necessary to reach new codepaths. */
    return 0;
  }

  fuzzer_do_request_from_buffer(
    "fuzzer.php", (const char *) Data, Size, /* execute */ 0, /* before_shutdown */ NULL);

  return 0;
}

int LLVMFuzzerInitialize(int *argc, char ***argv) {
  /* Compilation will often trigger fatal errors.
   * Use tracked allocation mode to avoid leaks in that case. */
  putenv("USE_TRACKED_ALLOC=1");

  fuzzer_init_php(NULL);

  /* fuzzer_shutdown_php(); */
  return 0;
}

Line	Count	Source
1		/*
2		+----------------------------------------------------------------------+
3		\| Copyright © The PHP Group and Contributors. \|
4		+----------------------------------------------------------------------+
5		\| This source file is subject to the Modified BSD License that is \|
6		\| bundled with this package in the file LICENSE, and is available \|
7		\| through the World Wide Web at <https://www.php.net/license/>. \|
8		\| \|
9		\| SPDX-License-Identifier: BSD-3-Clause \|
10		+----------------------------------------------------------------------+
11		\| Authors: Johannes Schlüter <johanes@php.net> \|
12		\| Stanislav Malyshev <stas@php.net> \|
13		+----------------------------------------------------------------------+
14		*/
15
16		#include <main/php.h>
17		#include <main/php_main.h>
18		#include <main/SAPI.h>
19		#include <ext/standard/info.h>
20		#include <ext/standard/php_var.h>
21		#include <main/php_variables.h>
22
23		#include "fuzzer.h"
24		#include "fuzzer-sapi.h"
25
26	38.9k	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
27	38.9k	if (Size > 6 * 1024) {
28		/* Large inputs have a large impact on fuzzer performance and may cause stack overflows,
29		* but are unlikely to be necessary to reach new codepaths. */
30	3	return 0;
31	3	}
32
33	38.9k	fuzzer_do_request_from_buffer(
34	38.9k	"fuzzer.php", (const char ) Data, Size, / execute / 0, / before_shutdown */ NULL);
35
36	38.9k	return 0;
37	38.9k	}
38
39	2	int LLVMFuzzerInitialize(int argc, char **argv) {
40		/* Compilation will often trigger fatal errors.
41		* Use tracked allocation mode to avoid leaks in that case. */
42	2	putenv("USE_TRACKED_ALLOC=1");
43
44	2	fuzzer_init_php(NULL);
45
46		/* fuzzer_shutdown_php(); */
47	2	return 0;
48	2	}

Coverage Report

Created: 2026-06-02 06:37