Coverage Report

Created: 2025-01-28 06:58

/src/wget2/fuzz/libwget_utils_fuzzer.c
Line
Count
Source
1
/*
2
 * Copyright (c) 2017-2024 Free Software Foundation, Inc.
3
 *
4
 * This file is part of libwget.
5
 *
6
 * Libwget is free software: you can redistribute it and/or modify
7
 * it under the terms of the GNU Lesser General Public License as published by
8
 * the Free Software Foundation, either version 3 of the License, or
9
 * (at your option) any later version.
10
 *
11
 * Libwget is distributed in the hope that it will be useful,
12
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14
 * GNU Lesser General Public License for more details.
15
 *
16
 * You should have received a copy of the GNU Lesser General Public License
17
 * along with libwget.  If not, see <https://www.gnu.org/licenses/>.
18
 */
19
20
#include <config.h>
21
22
#include <assert.h> // assert
23
#include <stdlib.h> // malloc, free
24
#include <string.h> // memcpy
25
// #include <unistd.h> // chroot
26
27
#include "wget.h"
28
#include "fuzzer.h"
29
30
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
31
239
{
32
239
  char dst1[1];
33
239
  char dst2[2];
34
239
  char dst3[3];
35
239
  char dst4[4];
36
239
  char dst5[8];
37
239
  char *dst = (char *) malloc(size * 2 + 1);
38
239
  char *data0 = (char *) malloc(size + 1);
39
239
  int x = 0; // avoid pure functions to be optimized away
40
41
239
  assert(dst != NULL);
42
239
  assert(data0 != NULL);
43
44
  // 0-terminate data
45
239
  memcpy(data0, data, size);
46
239
  data0[size] = 0;
47
48
  // some test for code coverage
49
239
  x += wget_strcmp(NULL, "");
50
239
  x += wget_strcmp("", NULL);
51
239
  x += wget_strcmp(NULL, NULL);
52
239
  x += wget_strcmp(data0, data0);
53
54
239
  x +=  wget_strncmp(NULL, "", 0);
55
239
  x += wget_strncmp("", NULL, 0);
56
239
  x += wget_strncmp(NULL, NULL, 0);
57
239
  x += wget_strncmp((char *) data, (char *) data, size);
58
59
239
  x += wget_strcasecmp(NULL, "");
60
239
  x += wget_strcasecmp("", NULL);
61
239
  x += wget_strcasecmp(NULL, NULL);
62
239
  x += wget_strcasecmp(data0, data0);
63
64
239
  x += wget_strncasecmp(NULL, "", 0);
65
239
  x += wget_strncasecmp("", NULL, 0);
66
239
  x += wget_strncasecmp(NULL, NULL, 0);
67
239
  x += wget_strncasecmp((char *) data, (char *) data, size);
68
69
239
  x += wget_strcasecmp_ascii(NULL, "");
70
239
  x += wget_strcasecmp_ascii("", NULL);
71
239
  x += wget_strcasecmp_ascii(NULL, NULL);
72
239
  x += wget_strcasecmp_ascii(data0, data0);
73
74
239
  x += wget_strncasecmp_ascii(NULL, "", 0);
75
239
  x += wget_strncasecmp_ascii("", NULL, 0);
76
239
  x += wget_strncasecmp_ascii(NULL, NULL, 0);
77
239
  x += wget_strncasecmp_ascii((char *) data, (char *) data, size);
78
79
239
  wget_strtolower(NULL);
80
239
  wget_strtolower(data0);
81
239
  memcpy(data0, (char *) data, size); // restore
82
83
239
  wget_millisleep(-1);
84
239
  wget_get_timemillis();
85
86
239
  wget_percent_unescape(data0);
87
239
  memcpy(data0, data, size); // restore
88
89
239
  x += wget_match_tail(data0, data0);
90
239
  x += wget_match_tail("", data0);
91
239
  x += wget_match_tail(data0, "");
92
93
239
  x += wget_match_tail_nocase(data0, data0);
94
239
  x += wget_match_tail_nocase("", data0);
95
239
  x += wget_match_tail_nocase(data0, "");
96
97
//  if (chroot(".") == 0) {
98
239
    char *p;
99
239
    if ((p = wget_strnglob("*", 1,  0)))
100
239
      wget_free(p);
101
//  } else
102
//    printf("Failed to chroot\n");
103
104
239
  if (size < 31) {
105
145
    char buf[16];
106
145
    x += !!wget_human_readable(dst1, sizeof(dst1), (1 << size) - 1);
107
145
    x += !!wget_human_readable(buf, sizeof(buf), (1 << size) - 1);
108
145
  }
109
110
239
  (void) x; // needed to get rid of bug reported by scan-build
111
112
239
  int w, h;
113
239
  wget_get_screen_size(&w, &h);
114
115
239
  wget_memtohex(NULL, 0, NULL, 0);
116
239
  wget_memtohex(data, size, dst1, sizeof(dst1));
117
239
  wget_memtohex(data, size, dst2, sizeof(dst2));
118
239
  wget_memtohex(data, size, dst3, sizeof(dst3));
119
239
  wget_memtohex(data, size, dst4, sizeof(dst4));
120
239
  wget_memtohex(data, size, dst5, sizeof(dst5));
121
239
  wget_memtohex(data, size, dst, size * 2 + 1);
122
123
239
  free(data0);
124
239
  free(dst);
125
126
239
  return 0;
127
239
}