Add a fuzzer for gn's parser. BUG= NOTRY=true Review-Url: https://codereview.chromium.org/2275683002 Cr-Original-Commit-Position: refs/heads/master@{#414106} Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src Cr-Mirrored-Commit: e47a47636163bd171399c6426e834837a52b75b7
diff --git a/tools/gn/BUILD.gn b/tools/gn/BUILD.gn
index e3a21ff..81678fa 100644
--- a/tools/gn/BUILD.gn
+++ b/tools/gn/BUILD.gn
@@ -3,6 +3,7 @@
 # found in the LICENSE file.
 import("//testing/test.gni")
+import("//testing/libfuzzer/fuzzer_test.gni")
 defines = [ "GN_BUILD" ]
@@ -346,3 +347,12 @@
 "//testing/gtest",
 ]
 }
+
+fuzzer_test("gn_parser_fuzzer") {
+ sources = [
+ "parser_fuzzer.cc",
+ ]
+ deps = [
+ ":gn_lib",
+ ]
+}
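Review bot: The `gn_parser_fuzzer` target is declared with only `sources` and `deps`, so the fuzzer starts from an empty corpus and has to discover GN's keywords and punctuation byte by byte. If the `fuzzer_test` template in this tree accepts them, adding `dict = "parser_fuzzer.dict"` (GN tokens such as `if`, `else`, `{`, `==`, `+=`) and a `seed_corpus` of existing `.gn`/`.gni` files would get coverage into the parser much faster. Neither file exists in this commit, so the dictionary file name here is a placeholder.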
diff --git a/tools/gn/parser_fuzzer.cc b/tools/gn/parser_fuzzer.cc
new file mode 100644
index 0000000..c7b4325
--- /dev/null
+++ b/tools/gn/parser_fuzzer.cc
@@ -0,0 +1,24 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <stdint.h>
+
+#include "tools/gn/input_file.h"
+#include "tools/gn/parser.h"
+#include "tools/gn/source_file.h"
+#include "tools/gn/tokenizer.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const unsigned char* data, size_t size) {
+ SourceFile source;
+ InputFile input(source);
+ input.SetContents(std::string(reinterpret_cast<const char*>(data), size));
+
+ Err err;
+ std::vector<Token> tokens = Tokenizer::Tokenize(&input, &err);
+
+ if (!err.has_error())
+ Parser::Parse(tokens, &err);
+
+ return 0;
+}
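Review bot: The new file includes `<stdint.h>` but uses none of its types, while `size_t`, `std::string` and `std::vector` are used with no direct include and presumably compile only through the project headers. Add `#include <stddef.h>`, `#include <string>` and `#include <vector>`, and declare the entry point as `LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)` so it matches the libFuzzer prototype and the `<stdint.h>` include is actually needed. A short comment above the function would also help, saying that the harness covers tokenizing and parsing only and that the result of `Parser::Parse` is discarded without being executed. That tells readers which parts of gn this fuzzer does not reach.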