From 505b7d4732c6a8c423f43c0de46e05dc583e82c0 Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod
Date: Mon, 11 Jan 2016 18:31:04 +0000
Subject: [PATCH] [fuzzing] Fuzz input text Very rudimentary right now, but will get kcc's bot going. From https://github.com/behdad/harfbuzz/issues/139#issuecomment-163580783
---
 test/fuzzing/hb-fuzzer.cc | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/test/fuzzing/hb-fuzzer.cc b/test/fuzzing/hb-fuzzer.cc
index 1412567..c01c57f 100644
--- a/test/fuzzing/hb-fuzzer.cc
+++ b/test/fuzzing/hb-fuzzer.cc
@@ -1,9 +1,9 @@
 #include
 #include
 #include
+#include
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- const char text[] = "ABCDEXYZ123@_%&)*$!";
 hb_blob_t *blob = hb_blob_create((const char *)data, size, HB_MEMORY_MODE_READONLY, NULL, NULL);
@@ -12,13 +12,26 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 hb_ot_font_set_funcs(font);
 hb_font_set_scale(font, 12, 12);
- hb_buffer_t *buffer = hb_buffer_create();
- hb_buffer_add_utf8(buffer, text, -1, 0, -1);
- hb_buffer_guess_segment_properties(buffer);
+ {
+ const char text[] = "ABCDEXYZ123@_%&)*$!";
+ hb_buffer_t *buffer = hb_buffer_create();
+ hb_buffer_add_utf8(buffer, text, -1, 0, -1);
+ hb_buffer_guess_segment_properties(buffer);
+ hb_shape(font, buffer, NULL, 0);
+ hb_buffer_destroy(buffer);
+ }
+
+ uint32_t text32[16];
+ if (size > sizeof(text32)) {
+ memcpy(text32, data + size - sizeof(text32), sizeof(text32));
+ hb_buffer_t *buffer = hb_buffer_create();
+ hb_buffer_add_utf32(buffer, text32, sizeof(text32)/sizeof(text32[0]), 0, -1);
+ hb_buffer_guess_segment_properties(buffer);
+ hb_shape(font, buffer, NULL, 0);
+ hb_buffer_destroy(buffer);
+ }
- hb_shape(font, buffer, NULL, 0);
- hb_buffer_destroy(buffer);
 hb_font_destroy(font);
 hb_face_destroy(face);
 hb_blob_destroy(blob);
--
2.7.4
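Review bot: The new `if (size > sizeof(text32))` block takes its 16 code points from the last 64 bytes of the same input that backs the font blob, and nothing in the hunk says so; a comment such as `// Text is the trailing 64 bytes of the input, read as host-endian UTF-32; those bytes are still part of the font blob.` would tell anyone triaging a crash why the tail of the reproducer matters. Because `memcpy` fills the `uint32_t` values in host byte order, the same corpus entry can shape different text on little- and big-endian builders, which is worth recording for reproducibility. Most arbitrary 32-bit values lie above U+10FFFF, so if `hb_buffer_add_utf32` substitutes a replacement character for them (presumably it does; confirm against the API documentation) the shaped text will be largely uniform and coverage of the text path stays thin. The function body starts in the previous hunk and its end lies outside this one.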