/src/quickjs/fuzz/fuzz_eval.c
Line | Count | Source |
1 | | /* Copyright 2020 Google Inc. |
2 | | |
3 | | Licensed under the Apache License, Version 2.0 (the "License"); |
4 | | you may not use this file except in compliance with the License. |
5 | | You may obtain a copy of the License at |
6 | | |
7 | | http://www.apache.org/licenses/LICENSE-2.0 |
8 | | |
9 | | Unless required by applicable law or agreed to in writing, software |
10 | | distributed under the License is distributed on an "AS IS" BASIS, |
11 | | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 | | See the License for the specific language governing permissions and |
13 | | limitations under the License. |
14 | | */ |
15 | | |
16 | | #include "quickjs.h" |
17 | | #include "quickjs-libc.h" |
18 | | #include "fuzz/fuzz_common.h" |
19 | | |
20 | | #include <stdint.h> |
21 | | #include <stdio.h> |
22 | | #include <string.h> |
23 | | |
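/*
 * libFuzzer entry point: evaluates the fuzzer-supplied bytes as a global
 * JavaScript script in a fresh QuickJS runtime and context.
 *
 * data/size: raw fuzzer input; it is untrusted and is not NUL-terminated.
 * Returns 0 in every case, including when a resource could not be
 * allocated, in which case the input is skipped.
 *
 * A new runtime and context are created and torn down on each call, so no
 * interpreter state carries over from one input to the next.
 */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size == 0)
        return 0;

    /* Allocation failure is an environment condition, not a finding:
       skip the input instead of dereferencing a NULL runtime or context. */
    JSRuntime *rt = JS_NewRuntime();
    if (rt == NULL)
        return 0;
    JSContext *ctx = JS_NewContext(rt);
    if (ctx == NULL) {
        JS_FreeRuntime(rt);
        return 0;
    }
    test_one_input_init(rt, ctx);

    /* JS_Eval expects input[input_len] to be '\0', so the fuzzer bytes are
       copied into a buffer with one extra byte. The copy is sized exactly
       size + 1, which should let a sanitizer-instrumented build report any
       parser read past the terminator. */
    uint8_t *null_terminated_data = malloc(size + 1);
    if (null_terminated_data != NULL) {
        memcpy(null_terminated_data, data, size);
        null_terminated_data[size] = 0;

        reset_nbinterrupts();
        //the final 0 does not count (as in strlen)
        JSValue val = JS_Eval(ctx, (const char *)null_terminated_data, size, "<none>", JS_EVAL_TYPE_GLOBAL);
        free(null_terminated_data);
        //TODO targets with JS_ParseJSON, JS_ReadObject
        if (!JS_IsException(val)) {
            /* Only a successful evaluation runs the event loop and owns a
               value that has to be released. */
            js_std_loop(ctx);
            JS_FreeValue(ctx, val);
        }
    }
    /* Teardown runs on every path that got past context creation, so a
       skipped input does not leak the runtime. */
    js_std_free_handlers(rt);
    JS_FreeContext(ctx);
    JS_FreeRuntime(rt);
    return 0;
}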