/src/qpdf/fuzz/json_fuzzer.cc

Source
#include "qpdf/JSON.hh"
#include "qpdf/QPDF.hh"
#include <qpdf/BufferInputSource.hh>
#include <qpdf/Pl_Discard.hh>
#include <iostream>
#include <stdexcept>

class FuzzHelper
{
  public:
    FuzzHelper(unsigned char const* data, size_t size);
    void run();

  private:
    void doChecks();

    unsigned char const* data;
    size_t size;
};

FuzzHelper::FuzzHelper(unsigned char const* data, size_t size) :
    data(data),
    size(size)
{
}

void
FuzzHelper::doChecks()
{
    try {
        JSON::parse(std::string(reinterpret_cast<char const*>(data), size));
    } catch (std::runtime_error& e) {
        std::cerr << "runtime_error parsing json: " << e.what() << '\n';
    }
    QPDF q;
    q.setMaxWarnings(1000);
    Buffer buf(const_cast<unsigned char*>(data), size);
    auto is = std::make_shared<BufferInputSource>("json", &buf);
    q.createFromJSON(is);
}

void
FuzzHelper::run()
{
    try {
        doChecks();
    } catch (std::runtime_error const& e) {
        std::cerr << "runtime_error: " << e.what() << '\n';
    }
}

extern "C" int
LLVMFuzzerTestOneInput(unsigned char const* data, size_t size)
{
    FuzzHelper f(data, size);
    f.run();
    return 0;
}

Line	Count	Source
1		#include "qpdf/JSON.hh"
2		#include "qpdf/QPDF.hh"
3		#include <qpdf/BufferInputSource.hh>
4		#include <qpdf/Pl_Discard.hh>
5		#include <iostream>
6		#include <stdexcept>
7
8		class FuzzHelper
9		{
10		public:
11		FuzzHelper(unsigned char const* data, size_t size);
12		void run();
13
14		private:
15		void doChecks();
16
17		unsigned char const* data;
18		size_t size;
19		};
20
21		FuzzHelper::FuzzHelper(unsigned char const* data, size_t size) :
22	7.34k	data(data),
23	7.34k	size(size)
24	7.34k	{
25	7.34k	}
26
27		void
28		FuzzHelper::doChecks()
29	7.34k	{
30	7.34k	try {
31	7.34k	JSON::parse(std::string(reinterpret_cast<char const*>(data), size));
32	7.34k	} catch (std::runtime_error& e) {
33	7.19k	std::cerr << "runtime_error parsing json: " << e.what() << '\n';
34	7.19k	}
35	7.34k	QPDF q;
36	7.34k	q.setMaxWarnings(1000);
37	7.34k	Buffer buf(const_cast<unsigned char*>(data), size);
38	7.34k	auto is = std::make_shared<BufferInputSource>("json", &buf);
39	7.34k	q.createFromJSON(is);
40	7.34k	}
41
42		void
43		FuzzHelper::run()
44	7.34k	{
45	7.34k	try {
46	7.34k	doChecks();
47	7.34k	} catch (std::runtime_error const& e) {
48	7.33k	std::cerr << "runtime_error: " << e.what() << '\n';
49	7.33k	}
50	7.34k	}
51
52		extern "C" int
53		LLVMFuzzerTestOneInput(unsigned char const* data, size_t size)
54	7.34k	{
55	7.34k	FuzzHelper f(data, size);
56	7.34k	f.run();
57	7.34k	return 0;
58	7.34k	}

Coverage Report

Created: 2025-07-12 06:25