Imported Upstream version 3.4.0

[platform/upstream/harfbuzz.git] / test / fuzzing / hb-set-fuzzer.cc

diff --git a/test/fuzzing/hb-set-fuzzer.cc b/test/fuzzing/hb-set-fuzzer.cc
index d5e5d0e..613699f 100644 (file)
--- a/test/fuzzing/hb-set-fuzzer.cc
+++ b/test/fuzzing/hb-set-fuzzer.cc
@@ -7,6 +7,12 @@
 
 #include "hb.h"
 
+// Only allow ~5,000 set values between the two input sets.
+// Arbitrarily long input sets do not trigger any meaningful
+// differences in behaviour so there's no benefit from allowing
+// the fuzzer to create super large sets.
+#define MAX_INPUT_SIZE 20000
+
 enum set_operation_t : uint8_t
 {
   INTERSECT = 0,
@@ -32,10 +38,18 @@ static hb_set_t *create_set (const uint32_t *value_array, int count)
 
 extern "C" int LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
 {
+  alloc_state = size; /* see src/failing-alloc.c */
+
   if (size < sizeof (instructions_t))
     return 0;
 
+  if (size > MAX_INPUT_SIZE)
+    return 0;
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstrict-aliasing"
   const instructions_t &instructions = reinterpret_cast<const instructions_t &> (data);
+#pragma GCC diagnostic pop
   data += sizeof (instructions_t);
   size -= sizeof (instructions_t);