Skip to content

Commit c24c432

Browse files
philipturnbullphilipturnbull
committed
Fuzz width parameter too
Allow the `width` parameter to be generated too so we get better fuzz-coverage.
1 parent b04ab57 commit c24c432

File tree

1 file changed

+17
-13
lines changed

1 file changed

+17
-13
lines changed

test/cmark-fuzz.c

Lines changed: 17 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -3,24 +3,28 @@
33
#include "cmark.h"
44

55
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
6-
int options = 0;
7-
if (size >= sizeof(options)) {
8-
/* First 4 bytes of input are treated as options */
9-
int options = *(const int *)data;
6+
struct __attribute__((packed)) {
7+
int options;
8+
int width;
9+
} fuzz_config;
10+
11+
if (size >= sizeof(fuzz_config)) {
12+
/* The beginning of `data` is treated as fuzzer configuration */
13+
memcpy(&fuzz_config, data, sizeof(fuzz_config));
1014

1115
/* Mask off valid option bits */
12-
options = options & (CMARK_OPT_SOURCEPOS | CMARK_OPT_HARDBREAKS | CMARK_OPT_SAFE | CMARK_OPT_NOBREAKS | CMARK_OPT_NORMALIZE | CMARK_OPT_VALIDATE_UTF8 | CMARK_OPT_SMART);
16+
fuzz_config.options &= (CMARK_OPT_SOURCEPOS | CMARK_OPT_HARDBREAKS | CMARK_OPT_SAFE | CMARK_OPT_NOBREAKS | CMARK_OPT_NORMALIZE | CMARK_OPT_VALIDATE_UTF8 | CMARK_OPT_SMART);
1317

1418
/* Remainder of input is the markdown */
15-
const char *markdown = (const char *)(data + sizeof(options));
16-
const size_t markdown_size = size - sizeof(options);
17-
cmark_node *doc = cmark_parse_document(markdown, markdown_size, options);
19+
const char *markdown = (const char *)(data + sizeof(fuzz_config));
20+
const size_t markdown_size = size - sizeof(fuzz_config);
21+
cmark_node *doc = cmark_parse_document(markdown, markdown_size, fuzz_config.options);
1822

19-
free(cmark_render_commonmark(doc, options, 80));
20-
free(cmark_render_html(doc, options));
21-
free(cmark_render_latex(doc, options, 80));
22-
free(cmark_render_man(doc, options, 80));
23-
free(cmark_render_xml(doc, options));
23+
free(cmark_render_commonmark(doc, fuzz_config.options, fuzz_config.width));
24+
free(cmark_render_html(doc, fuzz_config.options));
25+
free(cmark_render_latex(doc, fuzz_config.options, fuzz_config.width));
26+
free(cmark_render_man(doc, fuzz_config.options, fuzz_config.width));
27+
free(cmark_render_xml(doc, fuzz_config.options));
2428

2529
cmark_node_free(doc);
2630
}

0 commit comments

Comments
 (0)