Fuzz introspector: CMake/Tests/Fuzzing/xml_parser_fuzzer.cc
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
312 0 EP call site: 00000 cmXMLParser::ParseFile

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 fopen [function] [call site] 00001
1 fwrite [function] [call site] 00002
1 fclose [function] [call site] 00003
1 cmXMLParser::cmXMLParser [function] [call site] 00004
1 cmXMLParser::ParseFile [function] [call site] 00005
2 cmsys::ifstream::rdbuf [function] [call site] 00006
2 cmXMLParser::Parse [function] [call site] 00007
3 cmXMLParser::InitializeParser [function] [call site] 00008
4 XML_ParserCreate [function] [call site] 00009
5 XML_ParserCreate_MM [function] [call site] 00010
6 parserCreate [function] [call site] 00011
7 XML_Memory_Handling_Suite*::malloc_fcn [function] [call site] 00012
7 malloc [function] [call site] 00013
7 MALLOC [function] [call site] 00014
7 FREE [function] [call site] 00015
7 MALLOC [function] [call site] 00016
7 FREE [function] [call site] 00017
7 FREE [function] [call site] 00018
7 MALLOC [function] [call site] 00019
7 FREE [function] [call site] 00020
7 FREE [function] [call site] 00021
7 FREE [function] [call site] 00022
7 dtdCreate [function] [call site] 00023
8 XML_Memory_Handling_Suite*::malloc_fcn [function] [call site] 00024
8 poolInit [function] [call site] 00025
8 poolInit [function] [call site] 00026
8 hashTableInit [function] [call site] 00027
8 hashTableInit [function] [call site] 00028
8 hashTableInit [function] [call site] 00029
8 hashTableInit [function] [call site] 00030
8 hashTableInit [function] [call site] 00031
7 FREE [function] [call site] 00032
7 FREE [function] [call site] 00033
7 FREE [function] [call site] 00034
7 FREE [function] [call site] 00035
7 poolInit [function] [call site] 00036
7 poolInit [function] [call site] 00037
7 parserInit [function] [call site] 00038
8 XmlPrologStateInit [function] [call site] 00039
8 copyString [function] [call site] 00040
9 XML_Memory_Handling_Suite*::malloc_fcn [function] [call site] 00041
9 memcpy [function] [call site] 00042
8 XmlInitEncoding [function] [call site] 00043
8 memset [function] [call site] 00044
8 memset [function] [call site] 00045
8 getDebugLevel [function] [call site] 00046
9 getenv [function] [call site] 00047
9 strtoul [function] [call site] 00048
8 memset [function] [call site] 00049
8 getDebugLevel [function] [call site] 00050
7 XML_ParserFree [function] [call site] 00051
8 FREE [function] [call site] 00052
8 destroyBindings [function] [call site] 00053
9 FREE [function] [call site] 00054
9 FREE [function] [call site] 00055
8 FREE [function] [call site] 00056
8 FREE [function] [call site] 00057
8 destroyBindings [function] [call site] 00058
8 destroyBindings [function] [call site] 00059
8 poolDestroy [function] [call site] 00060
9 STRING_POOL*::mem::free_fcn [function] [call site] 00061
9 STRING_POOL*::mem::free_fcn [function] [call site] 00062
8 poolDestroy [function] [call site] 00063
8 FREE [function] [call site] 00064
8 dtdDestroy [function] [call site] 00065
9 hashTableIterInit [function] [call site] 00066
9 hashTableIterNext [function] [call site] 00067
9 XML_Memory_Handling_Suite*::free_fcn [function] [call site] 00068
9 hashTableDestroy [function] [call site] 00069
10 HASH_TABLE*::mem::free_fcn [function] [call site] 00070
10 HASH_TABLE*::mem::free_fcn [function] [call site] 00071
9 hashTableDestroy [function] [call site] 00072
9 hashTableDestroy [function] [call site] 00073
9 hashTableDestroy [function] [call site] 00074
9 hashTableDestroy [function] [call site] 00075
9 poolDestroy [function] [call site] 00076
9 poolDestroy [function] [call site] 00077
9 XML_Memory_Handling_Suite*::free_fcn [function] [call site] 00078
9 XML_Memory_Handling_Suite*::free_fcn [function] [call site] 00079
9 XML_Memory_Handling_Suite*::free_fcn [function] [call site] 00080
8 FREE [function] [call site] 00081
8 FREE [function] [call site] 00082
8 FREE [function] [call site] 00083
8 FREE [function] [call site] 00084
8 FREE [function] [call site] 00085
8 FREE [function] [call site] 00086
8 FREE [function] [call site] 00087
8 XML_Parser::m_unknownEncodingRelease [function] [call site] 00088
8 FREE [function] [call site] 00089
7 XmlGetInternalEncodingNS [function] [call site] 00090
7 XmlGetInternalEncoding [function] [call site] 00091
4 XML_SetElementHandler [function] [call site] 00092
4 static_cast<XML_Parser> [function] [call site] 00093
4 XML_SetCharacterDataHandler [function] [call site] 00094
4 static_cast<XML_Parser> [function] [call site] 00095
4 XML_SetUserData [function] [call site] 00096
4 static_cast<XML_Parser> [function] [call site] 00097
3 cmXMLParser::ParseChunk [function] [call site] 00098
4 cmXMLParser::ParseBuffer [function] [call site] 00099
5 XML_Parse [function] [call site] 00100
6 startParsing [function] [call site] 00101
7 generate_hash_secret_salt [function] [call site] 00102
8 arc4random_buf [function] [call site] 00103
8 ENTROPY_DEBUG [function] [call site] 00104
9 getDebugLevel [function] [call site] 00105
9 fprintf [function] [call site] 00106
8 writeRandomBytes_arc4random [function] [call site] 00107
9 arc4random [function] [call site] 00108
8 ENTROPY_DEBUG [function] [call site] 00109
8 writeRandomBytes_rand_s [function] [call site] 00110
9 rand_s [function] [call site] 00111
8 ENTROPY_DEBUG [function] [call site] 00112
8 writeRandomBytes_getrandom_nonblock [function] [call site] 00113
9 getrandom [function] [call site] 00114
9 syscall [function] [call site] 00115
8 ENTROPY_DEBUG [function] [call site] 00116
8 writeRandomBytes_dev_urandom [function] [call site] 00117
9 open [function] [call site] 00118
9 read [function] [call site] 00119
9 close [function] [call site] 00120
8 ENTROPY_DEBUG [function] [call site] 00121
8 gather_time_entropy [function] [call site] 00122
9 GetSystemTimeAsFileTime [function] [call site] 00123
9 gettimeofday [function] [call site] 00124
9 assert [function] [call site] 00125
8 getpid [function] [call site] 00126
8 ENTROPY_DEBUG [function] [call site] 00127
8 ENTROPY_DEBUG [function] [call site] 00128
7 setContext [function] [call site] 00129
8 XML_T [function] [call site] 00130
8 XML_T [function] [call site] 00131
8 poolAppendChar [function] [call site] 00132
8 XML_T [function] [call site] 00133
8 lookup [function] [call site] 00134
9 HASH_TABLE*::mem::malloc_fcn [function] [call site] 00135
9 memset [function] [call site] 00136
9 hash [function] [call site] 00137
10 copy_salt_to_sipkey [function] [call site] 00138
11 get_hash_secret_salt [function] [call site] 00139
12 get_hash_secret_salt [function] [call site] 00140
10 sip24_init [function] [call site] 00141
11 SIP_ULL [function] [call site] 00142
11 SIP_ULL [function] [call site] 00143
11 SIP_ULL [function] [call site] 00144
11 SIP_ULL [function] [call site] 00145
10 sip24_update [function] [call site] 00146
11 sip_endof [function] [call site] 00147
11 sip_endof [function] [call site] 00148
11 SIP_U8TO64_LE [function] [call site] 00149
11 sip_round [function] [call site] 00150
12 SIP_ROTL [function] [call site] 00151
12 SIP_ROTL [function] [call site] 00152
12 SIP_ROTL [function] [call site] 00153
12 SIP_ROTL [function] [call site] 00154
12 SIP_ROTL [function] [call site] 00155
12 SIP_ROTL [function] [call site] 00156
10 keylen [function] [call site] 00157
10 sip24_final [function] [call site] 00158
11 sip_round [function] [call site] 00159
11 sip_round [function] [call site] 00160
9 hash [function] [call site] 00161
9 keyeq [function] [call site] 00162
9 PROBE_STEP [function] [call site] 00163
9 HASH_TABLE*::mem::malloc_fcn [function] [call site] 00164
9 memset [function] [call site] 00165
9 hash [function] [call site] 00166
9 PROBE_STEP [function] [call site] 00167
9 HASH_TABLE*::mem::free_fcn [function] [call site] 00168
9 PROBE_STEP [function] [call site] 00169
9 HASH_TABLE*::mem::malloc_fcn [function] [call site] 00170
9 memset [function] [call site] 00171
8 poolStart [function] [call site] 00172
8 XML_T [function] [call site] 00173
8 poolDiscard [function] [call site] 00174
8 XML_T [function] [call site] 00175
8 poolLength [function] [call site] 00176
8 poolAppendChar [function] [call site] 00177
8 XML_T [function] [call site] 00178
8 lookup [function] [call site] 00179
8 poolStart [function] [call site] 00180
8 poolStart [function] [call site] 00181
8 poolCopyString [function] [call site] 00182
9 poolAppendChar [function] [call site] 00183
9 poolFinish [function] [call site] 00184
8 poolDiscard [function] [call site] 00185
8 XML_T [function] [call site] 00186
8 poolAppendChar [function] [call site] 00187
8 poolAppendChar [function] [call site] 00188
8 XML_T [function] [call site] 00189
8 addBinding [function] [call site] 00190
9 XML_T [function] [call site] 00191
9 XML_T [function] [call site] 00192
9 XML_T [function] [call site] 00193
9 XML_T [function] [call site] 00194
9 XML_T [function] [call site] 00195
9 XML_T [function] [call site] 00196
9 XML_T [function] [call site] 00197
9 XML_T [function] [call site] 00198
9 is_rfc3986_uri_char [function] [call site] 00199
9 REALLOC [function] [call site] 00200
9 MALLOC [function] [call site] 00201
9 MALLOC [function] [call site] 00202
9 FREE [function] [call site] 00203
9 memcpy [function] [call site] 00204
9 XML_T [function] [call site] 00205
9 XML_Parser::m_startNamespaceDeclHandler [function] [call site] 00206
8 poolStart [function] [call site] 00207
8 poolDiscard [function] [call site] 00208
8 XML_T [function] [call site] 00209
8 poolAppendChar [function] [call site] 00210
6 callProcessor [function] [call site] 00211
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00212
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00213
7 EXPAT_MIN [function] [call site] 00214
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00215
7 XML_Parser::m_processor [function] [call site] 00216
6 XmlUpdatePosition [function] [call site] 00217
6 XML_GetBuffer [function] [call site] 00218
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00219
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00220
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00221
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00222
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00223
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00224
7 memmove [function] [call site] 00225
7 memmove [function] [call site] 00226
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00227
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00228
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00229
7 MALLOC [function] [call site] 00230
7 memcpy [function] [call site] 00231
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00232
7 FREE [function] [call site] 00233
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00234
7 memcpy [function] [call site] 00235
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00236
7 FREE [function] [call site] 00237
7 EXPAT_SAFE_PTR_DIFF [function] [call site] 00238
6 memcpy [function] [call site] 00239
6 XML_GetBuffer [function] [call site] 00240
6 assert [function] [call site] 00241
6 memcpy [function] [call site] 00242
6 XML_ParseBuffer [function] [call site] 00243
7 startParsing [function] [call site] 00244
7 callProcessor [function] [call site] 00245
7 XmlUpdatePosition [function] [call site] 00246
5 static_cast<XML_Parser> [function] [call site] 00247
5 static_cast<int> [function] [call site] 00248
5 cmXMLParser::ReportXmlParseError [function] [call site] 00249
6 static_cast<XML_Parser> [function] [call site] 00250
6 cmXMLParser::ReportError [function] [call site] 00251
7 cmXMLParser::ReportCallback [function] [call site] 00252
6 static_cast<int> [function] [call site] 00253
6 XML_GetCurrentLineNumber [function] [call site] 00254
7 XmlUpdatePosition [function] [call site] 00255
6 static_cast<int> [function] [call site] 00256
6 XML_GetCurrentColumnNumber [function] [call site] 00257
7 XmlUpdatePosition [function] [call site] 00258
6 XML_ErrorString [function] [call site] 00259
7 XML_L [function] [call site] 00260
7 XML_L [function] [call site] 00261
7 XML_L [function] [call site] 00262
7 XML_L [function] [call site] 00263
7 XML_L [function] [call site] 00264
7 XML_L [function] [call site] 00265
7 XML_L [function] [call site] 00266
7 XML_L [function] [call site] 00267
7 XML_L [function] [call site] 00268
7 XML_L [function] [call site] 00269
7 XML_L [function] [call site] 00270
7 XML_L [function] [call site] 00271
7 XML_L [function] [call site] 00272
7 XML_L [function] [call site] 00273
7 XML_L [function] [call site] 00274
7 XML_L [function] [call site] 00275
7 XML_L [function] [call site] 00276
7 XML_L [function] [call site] 00277
7 XML_L [function] [call site] 00278
7 XML_L [function] [call site] 00279
7 XML_L [function] [call site] 00280
7 XML_L [function] [call site] 00281
7 XML_L [function] [call site] 00282
7 XML_L [function] [call site] 00283
7 XML_L [function] [call site] 00284
7 XML_L [function] [call site] 00285
7 XML_L [function] [call site] 00286
7 XML_L [function] [call site] 00287
7 XML_L [function] [call site] 00288
7 XML_L [function] [call site] 00289
7 XML_L [function] [call site] 00290
7 XML_L [function] [call site] 00291
7 XML_L [function] [call site] 00292
7 XML_L [function] [call site] 00293
7 XML_L [function] [call site] 00294
7 XML_L [function] [call site] 00295
7 XML_L [function] [call site] 00296
7 XML_L [function] [call site] 00297
7 XML_L [function] [call site] 00298
7 XML_L [function] [call site] 00299
7 XML_L [function] [call site] 00300
7 XML_L [function] [call site] 00301
7 XML_L [function] [call site] 00302
6 XML_GetErrorCode [function] [call site] 00303
3 strlen [function] [call site] 00304
3 cmXMLParser::CleanupParser [function] [call site] 00305
4 XML_Parse [function] [call site] 00306
4 static_cast<XML_Parser> [function] [call site] 00307
4 cmXMLParser::ReportXmlParseError [function] [call site] 00308
4 XML_ParserFree [function] [call site] 00309
4 static_cast<XML_Parser> [function] [call site] 00310
2 std::ostringstream::str [function] [call site] 00311
1 remove [function] [call site] 00312