Fuzz introspector: fuzz_format_por
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
46 46 1 :

['ck_hash_table_grow']

50 82 ck_str_n_hash_insert call site: 00109 /src/readstat/src/CKHashTable.c:217
8 8 2 :

['iconv', '__errno_location']

8 8 readstat_convert call site: 00057 /src/readstat/src/readstat_convert.c:15
2 2 1 :

['iconv_open']

4 1815 readstat_parse_por call site: 00054 /src/readstat/src/spss/readstat_por_read.c:764
0 7 1 :

['readstat_parser_free']

0 7 readstat_parser_init call site: 00005 /src/readstat/src/readstat_parser.c:9
0 0 None 6 1817 readstat_parse_por call site: 00050 /src/readstat/src/spss/readstat_por_read.c:760
0 0 None 2 193 read_por_file_data call site: 00182 /src/readstat/src/spss/readstat_por_read.c:647
0 0 None 2 49 handle_variables call site: 00174 /src/readstat/src/spss/readstat_por_read.c:725
0 0 None 0 55 spss_init_variable_for_info call site: 00159 /src/readstat/src/spss/readstat_spss.c:157
0 0 None 0 39 spss_init_variable_for_info call site: 00159 /src/readstat/src/spss/readstat_spss.c:163
0 0 None 0 16 readstat_parse_por call site: 00055 /src/readstat/src/spss/readstat_por_read.c:767
0 0 None 0 16 readstat_parse_por call site: 00055 /src/readstat/src/spss/readstat_por_read.c:774
0 0 None 0 16 readstat_parse_por call site: 00055 /src/readstat/src/spss/readstat_por_read.c:779

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 fuzzer_parser_init [function] [call site] 00001
2 readstat_parser_init [function] [call site] 00002
3 calloc [call site] 00003
3 calloc [call site] 00004
3 unistd_io_init [function] [call site] 00005
4 readstat_set_open_handler [function] [call site] 00006
4 unistd_open_handler [function] [call site] 00007
5 open_with_unicode [function] [call site] 00008
6 open [call site] 00009
4 readstat_set_close_handler [function] [call site] 00010
4 unistd_close_handler [function] [call site] 00011
5 close [call site] 00012
4 readstat_set_seek_handler [function] [call site] 00013
4 unistd_seek_handler [function] [call site] 00014
5 lseek [call site] 00015
4 readstat_set_read_handler [function] [call site] 00016
4 unistd_read_handler [function] [call site] 00017
5 read [call site] 00018
4 readstat_set_update_handler [function] [call site] 00019
4 unistd_update_handler [function] [call site] 00020
5 lseek [call site] 00021
4 calloc [call site] 00022
4 readstat_set_io_ctx [function] [call site] 00023
3 readstat_parser_free [function] [call site] 00024
4 readstat_set_io_ctx [function] [call site] 00025
2 readstat_set_open_handler [function] [call site] 00026
2 rt_open_handler [function] [call site] 00027
2 readstat_set_close_handler [function] [call site] 00028
2 rt_close_handler [function] [call site] 00029
2 readstat_set_seek_handler [function] [call site] 00030
2 rt_seek_handler [function] [call site] 00031
2 readstat_set_read_handler [function] [call site] 00032
2 rt_read_handler [function] [call site] 00033
2 readstat_set_update_handler [function] [call site] 00034
2 rt_update_handler [function] [call site] 00035
2 readstat_set_metadata_handler [function] [call site] 00036
2 handle_metadata [function] [call site] 00037
2 readstat_set_note_handler [function] [call site] 00038
2 handle_note [function] [call site] 00039
2 readstat_set_variable_handler [function] [call site] 00040
2 handle_variable [function] [call site] 00041
2 readstat_set_fweight_handler [function] [call site] 00042
2 handle_fweight [function] [call site] 00043
2 readstat_set_value_handler [function] [call site] 00044
2 handle_value [function] [call site] 00045
2 readstat_set_value_label_handler [function] [call site] 00046
2 handle_value_label [function] [call site] 00047
1 readstat_set_io_ctx [function] [call site] 00048
1 readstat_parse_por [function] [call site] 00049
2 por_ctx_init [function] [call site] 00050
3 calloc [call site] 00051
3 ck_hash_table_init [function] [call site] 00052
4 ck_hash_table_wipe [function] [call site] 00053
2 strcmp [call site] 00054
2 iconv_open [call site] 00055
2 read_bytes [function] [call site] 00056
2 readstat_convert [function] [call site] 00057
3 iconv [call site] 00058
3 __errno_location [call site] 00059
3 __errno_location [call site] 00060
3 __errno_location [call site] 00061
2 read_bytes [function] [call site] 00062
2 read_bytes [function] [call site] 00063
2 por_utf8_encode [function] [call site] 00064
3 snprintf [call site] 00065
2 snprintf [call site] 00066
2 strncmp [call site] 00067
2 read_version_and_timestamp [function] [call site] 00068
3 read_bytes [function] [call site] 00069
3 read_string [function] [call site] 00070
4 maybe_read_string [function] [call site] 00071
5 maybe_read_double [function] [call site] 00072
6 read_bytes [function] [call site] 00073
6 read_double_with_peek [function] [call site] 00074
7 read_bytes [function] [call site] 00075
7 read_bytes [function] [call site] 00076
7 por_utf8_encode [function] [call site] 00077
7 snprintf [call site] 00078
7 readstat_por_parse_double [function] [call site] 00079
8 pow [call site] 00080
8 snprintf [call site] 00081
5 realloc [call site] 00082
5 read_bytes [function] [call site] 00083
5 por_utf8_encode [function] [call site] 00084
5 snprintf [call site] 00085
3 __isoc99_sscanf [call site] 00086
3 read_string [function] [call site] 00087
3 __isoc99_sscanf [call site] 00088
3 mktime [call site] 00089
2 read_tag [function] [call site] 00090
3 read_bytes [function] [call site] 00091
2 read_string [function] [call site] 00092
2 read_variable_count_record [function] [call site] 00093
3 read_integer_in_range [function] [call site] 00094
4 read_double [function] [call site] 00095
5 read_bytes [function] [call site] 00096
5 read_double_with_peek [function] [call site] 00097
3 readstat_calloc [function] [call site] 00098
3 readstat_calloc [function] [call site] 00099
2 read_precision_record [function] [call site] 00100
3 read_integer_in_range [function] [call site] 00101
2 read_case_weight_record [function] [call site] 00102
3 read_string [function] [call site] 00103
2 read_variable_record [function] [call site] 00104
3 read_integer_in_range [function] [call site] 00105
3 read_string [function] [call site] 00106
3 ck_str_hash_insert [function] [call site] 00107
4 strlen [call site] 00108
4 ck_str_n_hash_insert [function] [call site] 00109
5 ck_hash_table_grow [function] [call site] 00110
6 calloc [call site] 00111
6 ck_hash_str [function] [call site] 00112
7 siphash [function] [call site] 00113
6 ck_hash_insert_nocopy [function] [call site] 00114
5 ck_hash_str [function] [call site] 00115
5 realloc [call site] 00116
5 memcmp [call site] 00117
3 read_integer_in_range [function] [call site] 00118
3 read_integer_in_range [function] [call site] 00119
3 read_integer_in_range [function] [call site] 00120
2 read_missing_value_record [function] [call site] 00121
3 read_double [function] [call site] 00122
3 read_string [function] [call site] 00123
2 read_missing_value_range_record [function] [call site] 00124
3 read_double [function] [call site] 00125
3 read_double [function] [call site] 00126
3 read_string [function] [call site] 00127
3 read_string [function] [call site] 00128
2 read_missing_value_lo_range_record [function] [call site] 00129
3 read_double [function] [call site] 00130
3 read_string [function] [call site] 00131
2 read_missing_value_hi_range_record [function] [call site] 00132
3 read_double [function] [call site] 00133
3 read_string [function] [call site] 00134
2 read_variable_label_record [function] [call site] 00135
3 read_string [function] [call site] 00136
3 strlen [call site] 00137
3 strlen [call site] 00138
3 readstat_convert [function] [call site] 00139
2 read_value_label_record [function] [call site] 00140
3 snprintf [call site] 00141
3 read_integer_in_range [function] [call site] 00142
3 read_string [function] [call site] 00143
3 ck_str_hash_lookup [function] [call site] 00144
4 strlen [call site] 00145
4 ck_str_n_hash_lookup [function] [call site] 00146
5 ck_hash_str [function] [call site] 00147
5 memcmp [call site] 00148
3 read_integer_in_range [function] [call site] 00149
3 read_string [function] [call site] 00150
3 read_string [function] [call site] 00151
3 read_double [function] [call site] 00152
3 read_string [function] [call site] 00153
2 read_document_record [function] [call site] 00154
3 read_integer_in_range [function] [call site] 00155
3 read_string [function] [call site] 00156
2 handle_variables [function] [call site] 00157
3 spss_init_variable_for_info [function] [call site] 00158
4 calloc [call site] 00159
4 readstat_convert [function] [call site] 00160
4 readstat_convert [function] [call site] 00161
4 snprintf [call site] 00162
4 spss_format [function] [call site] 00163
5 snprintf [call site] 00164
5 snprintf [call site] 00165
5 snprintf [call site] 00166
4 spss_missingness_for_info [function] [call site] 00167
5 spss_boxed_missing_value [function] [call site] 00168
6 spss_boxed_double_value [function] [call site] 00169
6 spss_boxed_string_value [function] [call site] 00170
5 spss_boxed_missing_value [function] [call site] 00171
5 spss_boxed_missing_value [function] [call site] 00172
5 spss_boxed_missing_value [function] [call site] 00173
3 snprintf [call site] 00174
3 strcmp [call site] 00175
2 read_por_file_data [function] [call site] 00176
3 maybe_read_string [function] [call site] 00177
3 snprintf [call site] 00178
3 strlen [call site] 00179
3 readstat_convert [function] [call site] 00180
3 maybe_read_double [function] [call site] 00181
3 snprintf [call site] 00182
3 por_update_progress [function] [call site] 00183
2 por_ctx_free [function] [call site] 00184
3 ck_hash_table_free [function] [call site] 00185
3 iconv_close [call site] 00186
1 readstat_parser_free [function] [call site] 00187