Coverage Report

Created: 2025-06-13 06:43

/src/php-src/sapi/fuzzer/fuzzer-parser.c
Line
Count
Source
1
/*
2
   +----------------------------------------------------------------------+
3
   | Copyright (c) The PHP Group                                          |
4
   +----------------------------------------------------------------------+
5
   | This source file is subject to version 3.01 of the PHP license,      |
6
   | that is bundled with this package in the file LICENSE, and is        |
7
   | available through the world-wide-web at the following url:           |
8
   | https://www.php.net/license/3_01.txt                                 |
9
   | If you did not receive a copy of the PHP license and are unable to   |
10
   | obtain it through the world-wide-web, please send a note to          |
11
   | license@php.net so we can mail you a copy immediately.               |
12
   +----------------------------------------------------------------------+
13
   | Authors: Johannes Schlüter <johanes@php.net>                         |
14
   |          Stanislav Malyshev <stas@php.net>                           |
15
   +----------------------------------------------------------------------+
16
 */
17
18
#include <main/php.h>
19
#include <main/php_main.h>
20
#include <main/SAPI.h>
21
#include <ext/standard/info.h>
22
#include <ext/standard/php_var.h>
23
#include <main/php_variables.h>
24
25
#include "fuzzer.h"
26
#include "fuzzer-sapi.h"
27
28
58.3k
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
29
58.3k
  if (Size > 6 * 1024) {
30
    /* Large inputs have a large impact on fuzzer performance and may cause stack overflows,
31
     * but are unlikely to be necessary to reach new codepaths. */
32
12
    return 0;
33
12
  }
34
35
58.3k
  fuzzer_do_request_from_buffer(
36
58.3k
    "fuzzer.php", (const char *) Data, Size, /* execute */ 0, /* before_shutdown */ NULL);
37
38
58.3k
  return 0;
39
58.3k
}
40
41
12
int LLVMFuzzerInitialize(int *argc, char ***argv) {
42
  /* Compilation will often trigger fatal errors.
43
   * Use tracked allocation mode to avoid leaks in that case. */
44
12
  putenv("USE_TRACKED_ALLOC=1");
45
46
12
  fuzzer_init_php(NULL);
47
48
  /* fuzzer_shutdown_php(); */
49
12
  return 0;
50
12
}