Fuzz introspector: libfplist_property_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
85 85 8 :

['getc', 'fread', 'ferror', '__errno_location', 'libfplist_xml_scanner_realloc', 'yy_fatal_error', 'libfplist_xml_scanner_restart', 'clearerr']

85 85 yy_get_next_buffer call site: 00057 /src/libfplist/libfplist/libfplist_xml_scanner.c:158629
16 16 5 :

['free', 'libcerror_error_resize', 'libcerror_error_initialize', 'strlen', 'realloc']

16 16 libcerror_error_set call site: 00002 /src/libcaes/libcerror/libcerror_error.c:328
4 4 1 :

['memcmp']

4 4 libfplist_xml_tag_get_value_type call site: 00239 /src/libfplist/libfplist/libfplist_xml_tag.c:340
0 78 3 :

['free', 'libcdata_array_free', 'libcerror_error_set']

0 78 libfplist_xml_tag_initialize call site: 00099 /src/libfplist/libfplist/libfplist_xml_tag.c:169
0 70 2 :

['libfplist_xml_attribute_free', 'libcerror_error_set']

0 70 libfplist_xml_tag_append_attribute call site: 00159 /src/libfplist/libfplist/libfplist_xml_tag.c:598
0 68 1 :

['libfplist_xml_tag_free']

0 68 libfplist_property_list_copy_from_byte_stream call site: 00215 /src/libfplist/libfplist/libfplist_property_list.c:490
0 64 1 :

['libcerror_error_set']

0 64 libcdata_internal_array_resize call site: 00123 /src/libfplist/libcdata/libcdata_array.c:823
0 41 1 :

['libfplist_xml_tag_compare_name']

0 169 libfplist_property_initialize call site: 00222 /src/libfplist/libfplist/libfplist_property.c:84
0 38 1 :

['libfplist_xml_attribute_free']

0 38 libfplist_xml_tag_append_attribute call site: 00160 /src/libfplist/libfplist/libfplist_xml_tag.c:616
0 32 1 :

['libcerror_error_set']

0 135 libfplist_xml_parser_parse_buffer call site: 00167 /src/libfplist/libfplist/libfplist_xml_parser.c:463
0 32 2 :

['free', 'libcerror_error_set']

0 32 libcdata_array_initialize call site: 00096 /src/libfplist/libcdata/libcdata_array.c:162
0 32 1 :

['libcerror_error_set']

0 32 libcdata_array_free call site: 00103 /src/libfplist/libcdata/libcdata_array.c:260

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 libfplist_property_list_initialize [function] [call site] 00001
2 libcerror_error_set [function] [call site] 00002
3 strlen [call site] 00003
3 libcerror_error_initialize [function] [call site] 00004
3 libcerror_error_resize [function] [call site] 00005
4 realloc [call site] 00006
4 realloc [call site] 00007
3 realloc [call site] 00008
3 vsnprintf [call site] 00009
2 libcerror_error_set [function] [call site] 00010
2 libcerror_error_set [function] [call site] 00011
2 libcerror_error_set [function] [call site] 00012
1 libfplist_property_list_copy_from_byte_stream [function] [call site] 00013
2 libcerror_error_set [function] [call site] 00014
2 libcerror_error_set [function] [call site] 00015
2 libcerror_error_set [function] [call site] 00016
2 libcerror_error_set [function] [call site] 00017
2 libcerror_error_set [function] [call site] 00018
2 libcerror_error_set [function] [call site] 00019
2 libcerror_error_set [function] [call site] 00020
2 libfplist_xml_parser_parse_buffer [function] [call site] 00021
3 libcerror_error_set [function] [call site] 00022
3 libfplist_xml_scanner__scan_buffer [function] [call site] 00023
4 libfplist_xml_scanner_alloc [function] [call site] 00024
4 yy_fatal_error [function] [call site] 00025
5 fprintf [call site] 00026
5 exit [call site] 00027
4 libfplist_xml_scanner__switch_to_buffer [function] [call site] 00028
5 libfplist_xml_scanner_ensure_buffer_stack [function] [call site] 00029
6 libfplist_xml_scanner_alloc [function] [call site] 00030
6 yy_fatal_error [function] [call site] 00031
6 libfplist_xml_scanner_realloc [function] [call site] 00032
7 realloc [call site] 00033
6 yy_fatal_error [function] [call site] 00034
5 libfplist_xml_scanner__load_buffer_state [function] [call site] 00035
3 libfplist_xml_scanner_parse [function] [call site] 00036
4 yygrowstack [function] [call site] 00037
5 realloc [call site] 00038
5 realloc [call site] 00039
4 libfplist_xml_scanner_lex [function] [call site] 00040
5 libfplist_xml_scanner_ensure_buffer_stack [function] [call site] 00041
5 libfplist_xml_scanner__create_buffer [function] [call site] 00042
6 libfplist_xml_scanner_alloc [function] [call site] 00043
6 yy_fatal_error [function] [call site] 00044
6 libfplist_xml_scanner_alloc [function] [call site] 00045
6 yy_fatal_error [function] [call site] 00046
6 libfplist_xml_scanner__init_buffer [function] [call site] 00047
7 __errno_location [call site] 00048
7 libfplist_xml_scanner__flush_buffer [function] [call site] 00049
8 libfplist_xml_scanner__load_buffer_state [function] [call site] 00050
7 __errno_location [call site] 00051
5 libfplist_xml_scanner__load_buffer_state [function] [call site] 00052
5 fwrite [call site] 00053
5 yy_get_previous_state [function] [call site] 00054
5 yy_try_NUL_trans [function] [call site] 00055
5 yy_get_next_buffer [function] [call site] 00056
6 yy_fatal_error [function] [call site] 00057
6 libfplist_xml_scanner_realloc [function] [call site] 00058
6 yy_fatal_error [function] [call site] 00059
6 getc [call site] 00060
6 yy_fatal_error [function] [call site] 00061
6 libfplist_xml_scanner_restart [function] [call site] 00062
7 libfplist_xml_scanner_ensure_buffer_stack [function] [call site] 00063
7 libfplist_xml_scanner__create_buffer [function] [call site] 00064
7 libfplist_xml_scanner__init_buffer [function] [call site] 00065
7 libfplist_xml_scanner__load_buffer_state [function] [call site] 00066
6 libfplist_xml_scanner_realloc [function] [call site] 00067
6 yy_fatal_error [function] [call site] 00068
5 libfplist_xml_scanner_wrap [function] [call site] 00069
5 libfplist_xml_scanner_restart [function] [call site] 00070
5 yy_get_previous_state [function] [call site] 00071
5 yy_get_previous_state [function] [call site] 00072
5 yy_fatal_error [function] [call site] 00073
4 yygrowstack [function] [call site] 00074
4 libfplist_xml_scanner_error [function] [call site] 00075
5 fprintf [call site] 00076
4 yygrowstack [function] [call site] 00077
4 libcerror_error_set [function] [call site] 00078
4 libfplist_xml_tag_initialize [function] [call site] 00079
5 libcerror_error_set [function] [call site] 00080
5 libcerror_error_set [function] [call site] 00081
5 libcerror_error_set [function] [call site] 00082
5 libcerror_error_set [function] [call site] 00083
5 libcerror_error_set [function] [call site] 00084
5 libcerror_error_set [function] [call site] 00085
5 libcerror_error_set [function] [call site] 00086
5 libcerror_error_set [function] [call site] 00087
5 libcdata_array_initialize [function] [call site] 00088
6 libcerror_error_set [function] [call site] 00089
6 libcerror_error_set [function] [call site] 00090
6 libcerror_error_set [function] [call site] 00091
6 libcerror_error_set [function] [call site] 00092
6 libcerror_error_set [function] [call site] 00093
6 libcerror_error_set [function] [call site] 00094
6 libcerror_error_set [function] [call site] 00095
6 libcerror_error_set [function] [call site] 00096
6 libcerror_error_set [function] [call site] 00097
5 libcerror_error_set [function] [call site] 00098
5 libcdata_array_initialize [function] [call site] 00099
5 libcerror_error_set [function] [call site] 00100
5 libcdata_array_free [function] [call site] 00101
6 libcerror_error_set [function] [call site] 00102
6 libcdata_internal_array_clear [function] [call site] 00103
7 libcerror_error_set [function] [call site] 00104
7 libcerror_error_set [function] [call site] 00105
7 libcerror_error_set [function] [call site] 00106
6 libcerror_error_set [function] [call site] 00107
4 libcerror_error_set [function] [call site] 00108
4 libfplist_xml_tag_append_element [function] [call site] 00109
5 libcerror_error_set [function] [call site] 00110
5 libcerror_error_set [function] [call site] 00111
5 libcdata_array_append_entry [function] [call site] 00112
6 libcerror_error_set [function] [call site] 00113
6 libcerror_error_set [function] [call site] 00114
6 libcerror_error_set [function] [call site] 00115
6 libcdata_internal_array_resize [function] [call site] 00116
7 libcerror_error_set [function] [call site] 00117
7 libcerror_error_set [function] [call site] 00118
7 libcerror_error_set [function] [call site] 00119
7 libcerror_error_set [function] [call site] 00120
7 libcerror_error_set [function] [call site] 00121
7 realloc [call site] 00122
7 libcerror_error_set [function] [call site] 00123
7 libcerror_error_set [function] [call site] 00124
7 libcerror_error_set [function] [call site] 00125
6 libcerror_error_set [function] [call site] 00126
5 libcerror_error_set [function] [call site] 00127
4 libcerror_error_set [function] [call site] 00128
4 libcerror_error_set [function] [call site] 00129
4 libcerror_error_set [function] [call site] 00130
4 libcerror_error_set [function] [call site] 00131
4 memcmp [call site] 00132
4 libcerror_error_set [function] [call site] 00133
4 libcerror_error_set [function] [call site] 00134
4 libfplist_xml_tag_set_value [function] [call site] 00135
5 libcerror_error_set [function] [call site] 00136
5 libcerror_error_set [function] [call site] 00137
5 libcerror_error_set [function] [call site] 00138
5 libcerror_error_set [function] [call site] 00139
5 libcerror_error_set [function] [call site] 00140
4 libcerror_error_set [function] [call site] 00141
4 libcerror_error_set [function] [call site] 00142
4 libcerror_error_set [function] [call site] 00143
4 libfplist_xml_tag_append_attribute [function] [call site] 00144
5 libcerror_error_set [function] [call site] 00145
5 libfplist_xml_attribute_initialize [function] [call site] 00146
6 libcerror_error_set [function] [call site] 00147
6 libcerror_error_set [function] [call site] 00148
6 libcerror_error_set [function] [call site] 00149
6 libcerror_error_set [function] [call site] 00150
6 libcerror_error_set [function] [call site] 00151
6 libcerror_error_set [function] [call site] 00152
6 libcerror_error_set [function] [call site] 00153
6 libcerror_error_set [function] [call site] 00154
6 libcerror_error_set [function] [call site] 00155
6 libcerror_error_set [function] [call site] 00156
6 libcerror_error_set [function] [call site] 00157
5 libcerror_error_set [function] [call site] 00158
5 libcdata_array_append_entry [function] [call site] 00159
5 libcerror_error_set [function] [call site] 00160
5 libfplist_xml_attribute_free [function] [call site] 00161
6 libcerror_error_set [function] [call site] 00162
4 libcerror_error_set [function] [call site] 00163
4 libfplist_xml_scanner_lex [function] [call site] 00164
4 yygrowstack [function] [call site] 00165
4 libfplist_xml_scanner_error [function] [call site] 00166
3 libfplist_property_list_set_root_tag [function] [call site] 00167
4 libcerror_error_set [function] [call site] 00168
4 libcerror_error_set [function] [call site] 00169
3 libcerror_error_set [function] [call site] 00170
3 libfplist_xml_scanner__delete_buffer [function] [call site] 00171
4 libfplist_xml_scanner_free [function] [call site] 00172
4 libfplist_xml_scanner_free [function] [call site] 00173
3 libfplist_xml_scanner_lex_destroy [function] [call site] 00174
4 libfplist_xml_scanner__delete_buffer [function] [call site] 00175
4 libfplist_xml_scanner_pop_buffer_state [function] [call site] 00176
5 libfplist_xml_scanner__delete_buffer [function] [call site] 00177
5 libfplist_xml_scanner__load_buffer_state [function] [call site] 00178
4 libfplist_xml_scanner_free [function] [call site] 00179
4 yy_init_globals [function] [call site] 00180
3 libfplist_xml_tag_free [function] [call site] 00181
4 libcdata_array_free [function] [call site] 00182
4 libfplist_xml_tag_free [function] [call site] 00183
5 libcerror_error_set [function] [call site] 00184
5 libcdata_array_free [function] [call site] 00185
5 libfplist_xml_attribute_free [function] [call site] 00186
5 libcerror_error_set [function] [call site] 00187
2 libcerror_error_set [function] [call site] 00188
2 libcerror_error_set [function] [call site] 00189
2 libfplist_xml_tag_compare_name [function] [call site] 00190
3 libcerror_error_set [function] [call site] 00191
3 libcerror_error_set [function] [call site] 00192
3 memcmp [call site] 00193
2 libcerror_error_set [function] [call site] 00194
2 libfplist_xml_tag_compare_name [function] [call site] 00195
2 libcerror_error_set [function] [call site] 00196
2 libfplist_xml_tag_get_number_of_elements [function] [call site] 00197
3 libcerror_error_set [function] [call site] 00198
3 libcdata_array_get_number_of_entries [function] [call site] 00199
4 libcerror_error_set [function] [call site] 00200
4 libcerror_error_set [function] [call site] 00201
3 libcerror_error_set [function] [call site] 00202
2 libcerror_error_set [function] [call site] 00203
2 libfplist_xml_tag_get_element [function] [call site] 00204
3 libcerror_error_set [function] [call site] 00205
3 libcdata_array_get_entry_by_index [function] [call site] 00206
4 libcerror_error_set [function] [call site] 00207
4 libcerror_error_set [function] [call site] 00208
4 libcerror_error_set [function] [call site] 00209
4 libcerror_error_set [function] [call site] 00210
3 libcerror_error_set [function] [call site] 00211
2 libcerror_error_set [function] [call site] 00212
2 libfplist_xml_tag_compare_name [function] [call site] 00213
2 libfplist_xml_tag_compare_name [function] [call site] 00214
2 libcerror_error_set [function] [call site] 00215
2 libfplist_xml_tag_free [function] [call site] 00216
1 libfplist_property_list_get_root_property [function] [call site] 00217
2 libcerror_error_set [function] [call site] 00218
2 libcerror_error_set [function] [call site] 00219
2 libcerror_error_set [function] [call site] 00220
2 libfplist_property_initialize [function] [call site] 00221
3 libcerror_error_set [function] [call site] 00222
3 libfplist_xml_tag_compare_name [function] [call site] 00223
3 libcerror_error_set [function] [call site] 00224
3 libcerror_error_set [function] [call site] 00225
3 libcerror_error_set [function] [call site] 00226
3 libcerror_error_set [function] [call site] 00227
2 libcerror_error_set [function] [call site] 00228
1 libfplist_property_get_value_type [function] [call site] 00229
2 libcerror_error_set [function] [call site] 00230
2 libcerror_error_set [function] [call site] 00231
2 libcerror_error_set [function] [call site] 00232
2 libfplist_xml_tag_get_value_type [function] [call site] 00233
3 libcerror_error_set [function] [call site] 00234
3 libcerror_error_set [function] [call site] 00235
3 libcerror_error_set [function] [call site] 00236
3 memcmp [call site] 00237
3 memcmp [call site] 00238
3 memcmp [call site] 00239
3 memcmp [call site] 00240
3 memcmp [call site] 00241
3 memcmp [call site] 00242
3 memcmp [call site] 00243
3 memcmp [call site] 00244
3 memcmp [call site] 00245
2 libcerror_error_set [function] [call site] 00246
2 libcerror_error_set [function] [call site] 00247
1 libfplist_property_free [function] [call site] 00248
2 libcerror_error_set [function] [call site] 00249
1 libfplist_property_list_free [function] [call site] 00250
2 libfplist_xml_tag_free [function] [call site] 00251
2 libcerror_error_set [function] [call site] 00252