2022-12-26 19:49:27 +03:00
/*
* xinclude . c : a libFuzzer target to test the XInclude engine .
*
* See Copyright for the status of this software .
*/
# include <libxml/catalog.h>
# include <libxml/parser.h>
# include <libxml/tree.h>
# include <libxml/xmlerror.h>
# include <libxml/xinclude.h>
# include "fuzz.h"
int
LLVMFuzzerInitialize ( int * argc ATTRIBUTE_UNUSED ,
char * * * argv ATTRIBUTE_UNUSED ) {
2023-03-08 15:59:03 +03:00
xmlFuzzMemSetup ( ) ;
2022-12-26 19:49:27 +03:00
xmlInitParser ( ) ;
# ifdef LIBXML_CATALOG_ENABLED
xmlInitializeCatalog ( ) ;
2024-01-04 17:18:14 +03:00
xmlCatalogSetDefaults ( XML_CATA_ALLOW_NONE ) ;
2022-12-26 19:49:27 +03:00
# endif
xmlSetGenericErrorFunc ( NULL , xmlFuzzErrorFunc ) ;
return 0 ;
}
int
LLVMFuzzerTestOneInput ( const char * data , size_t size ) {
2023-12-10 20:32:21 +03:00
xmlParserCtxtPtr ctxt ;
2022-12-26 19:49:27 +03:00
xmlDocPtr doc ;
const char * docBuffer , * docUrl ;
2023-03-08 15:59:03 +03:00
size_t maxAlloc , docSize ;
2022-12-26 19:49:27 +03:00
int opts ;
xmlFuzzDataInit ( data , size ) ;
2023-03-08 15:59:00 +03:00
opts = ( int ) xmlFuzzReadInt ( 4 ) ;
2022-12-26 19:49:27 +03:00
opts | = XML_PARSE_XINCLUDE ;
2023-12-10 20:32:21 +03:00
maxAlloc = xmlFuzzReadInt ( 4 ) % ( size + 100 ) ;
2022-12-26 19:49:27 +03:00
xmlFuzzReadEntities ( ) ;
docBuffer = xmlFuzzMainEntity ( & docSize ) ;
docUrl = xmlFuzzMainUrl ( ) ;
if ( docBuffer = = NULL )
goto exit ;
/* Pull parser */
2023-03-08 15:59:03 +03:00
xmlFuzzMemSetLimit ( maxAlloc ) ;
2023-12-10 20:32:21 +03:00
ctxt = xmlNewParserCtxt ( ) ;
if ( ctxt ! = NULL ) {
xmlXIncludeCtxtPtr xinc ;
xmlDocPtr copy ;
2024-06-11 16:48:32 +03:00
xmlCtxtSetResourceLoader ( ctxt , xmlFuzzResourceLoader , NULL ) ;
2023-12-10 20:32:21 +03:00
doc = xmlCtxtReadMemory ( ctxt , docBuffer , docSize , docUrl , NULL , opts ) ;
xmlFuzzCheckMallocFailure ( " xmlCtxtReadMemory " ,
ctxt - > errNo = = XML_ERR_NO_MEMORY ) ;
xinc = xmlXIncludeNewContext ( doc ) ;
2024-06-11 16:48:32 +03:00
xmlXIncludeSetResourceLoader ( xinc , xmlFuzzResourceLoader , NULL ) ;
2023-12-10 20:32:21 +03:00
xmlXIncludeSetFlags ( xinc , opts ) ;
xmlXIncludeProcessNode ( xinc , ( xmlNodePtr ) doc ) ;
if ( doc ! = NULL ) {
xmlFuzzCheckMallocFailure ( " xmlXIncludeProcessNode " ,
xinc = = NULL | |
xmlXIncludeGetLastError ( xinc ) = = XML_ERR_NO_MEMORY ) ;
}
xmlXIncludeFreeContext ( xinc ) ;
xmlFuzzResetMallocFailed ( ) ;
copy = xmlCopyDoc ( doc , 1 ) ;
if ( doc ! = NULL )
xmlFuzzCheckMallocFailure ( " xmlCopyNode " , copy = = NULL ) ;
xmlFreeDoc ( copy ) ;
xmlFreeDoc ( doc ) ;
xmlFreeParserCtxt ( ctxt ) ;
}
2022-12-26 19:49:27 +03:00
exit :
2023-03-08 15:59:03 +03:00
xmlFuzzMemSetLimit ( 0 ) ;
2022-12-26 19:49:27 +03:00
xmlFuzzDataCleanup ( ) ;
xmlResetLastError ( ) ;
return ( 0 ) ;
}