// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "base/at_exit.h"
#include "base/command_line.h"
#include "base/files/file_util.h"
#include "net/spdy/fuzzing/hpack_fuzz_util.h"

namespace {

// Name of the command-line switch whose value is the path of a file holding
// HPACK header sets.
const char kFileToParse[] = "file-to-parse";

}  // namespace

using base::StringPiece;
using net::HpackFuzzUtil;
using std::string;

// Standalone fuzzing driver. Reads the file named by --file-to-parse and
// passes each length-prefixed header block it contains, in order, through the
// decoding and encoding fuzzing stages implemented by HpackFuzzUtil.
//
// Returns -1 when the switch is absent and 0 when the switch value is empty
// or when every block has been processed.
int main(int argc, char** argv) {
  base::AtExitManager at_exit;

  base::CommandLine::Init(argc, argv);
  const base::CommandLine* const cmd = base::CommandLine::ForCurrentProcess();

  // Without the switch there is nothing to do; print usage and fail.
  if (!cmd->HasSwitch(kFileToParse)) {
    LOG(ERROR) << "Usage: " << argv[0]
               << " --" << kFileToParse << "=/path/to/file.in";
    return -1;
  }

  // ClusterFuzz may pass --file-to-parse="". That is treated as a no-op run
  // rather than an error, so the harness itself is not reported as crashing.
  const string file_to_parse = cmd->GetSwitchValueASCII(kFileToParse);
  if (file_to_parse.empty()) {
    LOG(WARNING) << "Empty file to parse given. Doing nothing.";
    return 0;
  }

  DVLOG(1) << "Reading input from " << file_to_parse;

  // The whole file is read into memory; no size limit is applied here.
  // NOTE(review): CHECK aborts the process when the read fails, so a missing
  // or unreadable path shows up as a crash of the harness rather than of the
  // HPACK code. Confirm this is intended, given that the empty-path case
  // above is deliberately non-fatal.
  HpackFuzzUtil::Input input;
  CHECK(base::ReadFileToString(base::FilePath::FromUTF8Unsafe(file_to_parse),
                               &input.input));

  // One context is initialized once and shared by every block in the file.
  HpackFuzzUtil::FuzzerContext fuzzer_context;
  HpackFuzzUtil::InitializeFuzzerContext(&fuzzer_context);

  // NextHeaderBlock() yields one block per call and returns false when no
  // further block can be taken from the input.
  size_t blocks_fuzzed = 0;
  for (StringPiece header_block;
       HpackFuzzUtil::NextHeaderBlock(&input, &header_block);
       ++blocks_fuzzed) {
    HpackFuzzUtil::RunHeaderBlockThroughFuzzerStages(&fuzzer_context,
                                                     header_block);
  }

  DVLOG(1) << "Fuzzed " << blocks_fuzzed << " blocks.";
  return 0;
}