Home Verkennen Help
Inloggen
cpp
/
love2d.megasource
spiegel van https://github.com/love2d/megasource
2
0
Vork 0
Bestanden Issues 0 Wiki
Aftakking: main
Aftakkingen Labels
love2d.megasour...
/
libs
/
harfbuzz
/
test
/
fuzzing
/
hb-subset-fuzzer.cc

hb-subset-fuzzer.cc 3.3 KB
Permalink Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. #include "hb-fuzzer.hh"
    2. 

  2. 

  3. #include <stdlib.h>
    4. 

  4. #include <stdio.h>
    5. 

  5. #include <string.h>
    6. 

  6. #include <assert.h>
    7. 

  7. 

  8. #include "hb-subset.h"
    9. 

  9. 

  10. static void
    11. 

  11. trySubset (hb_face_t *face,
    12. 

  12. 	   const hb_codepoint_t text[],
    13. 

  13. 	   int text_length,
    14. 

  14.            unsigned flag_bits,
    15. 

  15.            hb_subset_input_t *input)
    16. 

  16. {
    17. 

  17.   if (!input) return;
    18. 

  18. 

  19.   hb_subset_input_set_flags (input, (hb_subset_flags_t) flag_bits);
    20. 

  20. 

  21.   hb_set_t *codepoints = hb_subset_input_unicode_set (input);
    22. 

  22. 

  23.   for (int i = 0; i < text_length; i++)
    24. 

  24.     hb_set_add (codepoints, text[i]);
    25. 

  25. 

  26.   hb_face_t *result = hb_subset_or_fail (face, input);
    27. 

  27.   if (result)
    28. 

  28.   {
    29. 

  29.     hb_blob_t *blob = hb_face_reference_blob (result);
    30. 

  30.     unsigned int length;
    31. 

  31.     const char *data = hb_blob_get_data (blob, &length);
    32. 

  32. 

  33.     // Something not optimizable just to access all the blob data
    34. 

  34.     unsigned int bytes_count = 0;
    35. 

  35.     for (unsigned int i = 0; i < length; ++i)
    36. 

  36.       if (data[i]) ++bytes_count;
    37. 

  37.     assert (bytes_count || !length);
    38. 

  38. 

  39.     hb_blob_destroy (blob);
    40. 

  40.   }
    41. 

  41.   hb_face_destroy (result);
    42. 

  42. 

  43.   hb_subset_input_destroy (input);
    44. 

  44. }
    45. 

  45. 

  46. extern "C" int LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
    47. 

  47. {
    48. 

  48.   alloc_state = _fuzzing_alloc_state (data, size);
    49. 

  49. 

  50.   hb_blob_t *blob = hb_blob_create ((const char *) data, size,
    51. 

  51. 				    HB_MEMORY_MODE_READONLY, nullptr, nullptr);
    52. 

  52.   hb_face_t *face = hb_face_create (blob, 0);
    53. 

  53. 

  54.   /* Just test this API here quickly. */
    55. 

  55.   hb_set_t *output = hb_set_create ();
    56. 

  56.   hb_face_collect_unicodes (face, output);
    57. 

  57.   hb_set_destroy (output);
    58. 

  58. 

  59.   unsigned flags = HB_SUBSET_FLAGS_DEFAULT;
    60. 

  60.   const hb_codepoint_t text[] =
    61. 

  61.       {
    62. 

  62. 	'A', 'B', 'C', 'D', 'E', 'X', 'Y', 'Z', '1', '2',
    63. 

  63. 	'3', '@', '_', '%', '&', ')', '*', '$', '!'
    64. 

  64.       };
    65. 

  65. 

  66.   hb_subset_input_t *input = hb_subset_input_create_or_fail ();
    67. 

  67.   if (!input)
    68. 

  68.   {
    69. 

  69.     hb_face_destroy (face);
    70. 

  70.     hb_blob_destroy (blob);
    71. 

  71.     return 0;
    72. 

  72.   }
    73. 

  73.   trySubset (face, text, sizeof (text) / sizeof (hb_codepoint_t), flags, input);
    74. 

  74. 

  75.   unsigned num_axes;
    76. 

  76.   hb_codepoint_t text_from_data[16];
    77. 

  77.   if (size > sizeof (text_from_data) + sizeof (flags) + sizeof(num_axes)) {
    78. 

  78.     hb_subset_input_t *input = hb_subset_input_create_or_fail ();
    79. 

  79.     if (!input)
    80. 

  80.     {
    81. 

  81.       hb_face_destroy (face);
    82. 

  82.       hb_blob_destroy (blob);
    83. 

  83.       return 0;
    84. 

  84.     }
    85. 

  85.     size -= sizeof (text_from_data);
    86. 

  86.     memcpy (text_from_data,
    87. 

  87. 	    data + size,
    88. 

  88. 	    sizeof (text_from_data));
    89. 

  89. 

  90.     size -= sizeof (flags);
    91. 

  91.     memcpy (&flags,
    92. 

  92. 	    data + size,
    93. 

  93. 	    sizeof (flags));
    94. 

  94. 

  95.     size -= sizeof (num_axes);
    96. 

  96.     memcpy (&num_axes,
    97. 

  97. 	    data + size,
    98. 

  98. 	    sizeof (num_axes));
    99. 

  99. 

  100.     if (num_axes > 0 && num_axes < 8 && size > num_axes * (sizeof(hb_tag_t) + sizeof(int)))
    101. 

  101.     {
    102. 

  102.       for (unsigned i = 0; i < num_axes; i++) {
    103. 

  103.         hb_tag_t tag;
    104. 

  104.         int value;
    105. 

  105.         size -= sizeof (tag);
    106. 

  106.         memcpy (&tag,
    107. 

  107.                 data + size,
    108. 

  108.                 sizeof (tag));
    109. 

  109.         size -= sizeof (value);
    110. 

  110.         memcpy (&value,
    111. 

  111.                 data + size,
    112. 

  112.                 sizeof (value));
    113. 

  113. 

  114.         hb_subset_input_pin_axis_location(input,
    115. 

  115.                                           face,
    116. 

  116.                                           tag,
    117. 

  117.                                           (float) value);
    118. 

  118.       }
    119. 

  119.     }
    120. 

  120. 

  121. 

  122. 

  123.     unsigned int text_size = sizeof (text_from_data) / sizeof (hb_codepoint_t);
    124. 

  124.     trySubset (face, text_from_data, text_size, flags, input);
    125. 

  125.   }
    126. 

  126. 

  127.   hb_face_destroy (face);
    128. 

  128.   hb_blob_destroy (blob);
    129. 

  129. 

  130.   return 0;
    131. 

  131. }
    132.