From 614e0807a8137d82832aea45e4864b424f71f698 Mon Sep 17 00:00:00 2001
From: practicalswift
Date: Wed, 15 Jul 2020 00:04:46 +0000
Subject: tests: Add fuzzing harness for CBufferedFile::{SetPos,GetPos,GetType,GetVersion} (stream.h)
---
 src/test/fuzz/buffered_file.cpp | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'src/test')
diff --git a/src/test/fuzz/buffered_file.cpp b/src/test/fuzz/buffered_file.cpp
index 29b2277f16..6bbd13eb5c 100644
--- a/src/test/fuzz/buffered_file.cpp
+++ b/src/test/fuzz/buffered_file.cpp
@@ -29,8 +29,9 @@ void test_one_input(const std::vector& buffer)
 }
 }
 if (opt_buffered_file && fuzzed_file != nullptr) {
+ bool setpos_fail = false;
 while (fuzzed_data_provider.ConsumeBool()) {
- switch (fuzzed_data_provider.ConsumeIntegralInRange(0, 4)) {
+ switch (fuzzed_data_provider.ConsumeIntegralInRange(0, 5)) {
 case 0: {
 std::array arr{};
 try {
@@ -48,17 +49,30 @@ void test_one_input(const std::vector& buffer)
 break;
 }
 case 3: {
+ if (!opt_buffered_file->SetPos(fuzzed_data_provider.ConsumeIntegralInRange(0, 4096))) {
+ setpos_fail = true;
+ }
+ break;
+ }
+ case 4: {
+ if (setpos_fail) {
+ // Calling FindByte(...) after a failed SetPos(...) call may result in an infinite loop.
+ break;
+ }
 try {
 opt_buffered_file->FindByte(fuzzed_data_provider.ConsumeIntegral());
 } catch (const std::ios_base::failure&) {
 }
 break;
 }
- case 4: {
+ case 5: {
 ReadFromStream(fuzzed_data_provider, *opt_buffered_file);
 break;
 }
 }
 }
+ opt_buffered_file->GetPos();
+ opt_buffered_file->GetType();
+ opt_buffered_file->GetVersion();
 }
 }
-- 
cgit v1.2.3
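Review bot: `setpos_fail`, declared at the top of the `if` block in this hunk, is set in case 3 of the next hunk and never cleared, so after the first failed `SetPos(...)` the harness skips `FindByte(...)` for the rest of the input, even if a later `SetPos(...)` succeeds. Going by the comment in case 4, the guard exists because `FindByte(...)` can loop forever on a stream in that state; that is a hang in `CBufferedFile` itself, and with the guard in place the fuzzer can no longer report it. I would record this next to the guard, e.g. `// TODO: drop this guard once FindByte(...) is guaranteed to terminate after a failed SetPos(...)`, and say whether the latch is intentional. `test_one_input` begins before this hunk.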
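Review bot: The three getter calls added after the loop in this second hunk discard their results, so they can only surface crashes or sanitizer reports, not wrong values. Writing them as `(void)opt_buffered_file->GetPos();` (likewise for `GetType()` and `GetVersion()`) makes the discard explicit and keeps the harness building cleanly if the getters are ever marked `[[nodiscard]]`. The upper bound `4096` passed to `SetPos(...)` in case 3 is also unexplained; a short comment on how it relates to the buffer size chosen earlier in `test_one_input`, outside this hunk, would help the next reader.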