/src/pugixml/tests/fuzz_xpath.cpp
Line | Count | Source |
1 | | #include "../src/pugixml.hpp" |
2 | | #include "fuzzer/FuzzedDataProvider.h" |
3 | | |
4 | | #include <stdint.h> |
5 | | #include <string.h> |
6 | | #include <string> |
7 | | |
8 | | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size) |
9 | 13.4k | { |
10 | 13.4k | FuzzedDataProvider fdp(Data, Size); |
11 | 13.4k | std::string text = fdp.ConsumeRandomLengthString(1024); |
12 | | |
13 | 13.4k | #ifndef PUGIXML_NO_EXCEPTIONS |
14 | 13.4k | try |
15 | 13.4k | #endif |
16 | 13.4k | { |
17 | 13.4k | pugi::xpath_variable_set vars; |
18 | 13.4k | size_t var_count = fdp.ConsumeIntegralInRange<size_t>(0, 50); |
19 | 13.4k | std::vector<std::string> var_name_storage; |
20 | 28.9k | for (size_t i = 0; i < var_count; ++i) |
21 | 15.4k | { |
22 | 15.4k | var_name_storage.push_back(fdp.ConsumeRandomLengthString(128)); |
23 | | |
24 | 15.4k | const int xpath_value_type_count = pugi::xpath_type_boolean + 1; |
25 | 15.4k | pugi::xpath_value_type value_type = static_cast<pugi::xpath_value_type>(fdp.ConsumeIntegralInRange(0, xpath_value_type_count)); |
26 | 15.4k | vars.add(var_name_storage.back().c_str(), value_type); |
27 | 15.4k | } |
28 | 13.4k | pugi::xpath_query q(text.c_str(), &vars); |
29 | | |
30 | 13.4k | std::vector<uint8_t> xml_buffer = fdp.ConsumeBytes<uint8_t>(fdp.ConsumeIntegralInRange(0, 1024)); |
31 | 13.4k | pugi::xml_document doc; |
32 | 13.4k | doc.load_buffer(xml_buffer.data(), xml_buffer.size(), pugi::parse_full); |
33 | | |
34 | 13.4k | q.evaluate_boolean(doc); |
35 | 13.4k | q.evaluate_number(doc); |
36 | 13.4k | q.evaluate_string(doc); |
37 | 13.4k | q.evaluate_node(doc); |
38 | 13.4k | q.evaluate_node_set(doc); |
39 | 13.4k | } |
40 | 13.4k | #ifndef PUGIXML_NO_EXCEPTIONS |
41 | 13.4k | catch (pugi::xpath_exception&) |
42 | 13.4k | { |
43 | 5.33k | } |
44 | 13.4k | #endif |
45 | 13.4k | return 0; |
46 | 13.4k | } |