[libxml2] Move entity recorder to fuzz.c

From: Nick Wellnhofer <nwellnhof src gnome org>
To: commits-list gnome org
Cc:
Subject: [libxml2] Move entity recorder to fuzz.c
Date: Tue, 23 Jun 2020 14:32:13 +0000 (UTC)
commit ffd31dbefd2e407c074a37ead37bac5f979bc0f5
Author: Nick Wellnhofer <wellnhofer aevum de>
Date:   Sun Jun 21 12:14:19 2020 +0200

    Move entity recorder to fuzz.c

 fuzz/fuzz.c    | 58 ++++++++++++++++++++++++++++++++++++++++++++++
 fuzz/fuzz.h    |  6 +++--
 fuzz/xmlSeed.c | 73 +++-------------------------------------------------------
 3 files changed, 65 insertions(+), 72 deletions(-)
---
diff --git a/fuzz/fuzz.c b/fuzz/fuzz.c
index 57770c53..5bf8e552 100644
--- a/fuzz/fuzz.c
+++ b/fuzz/fuzz.c
@@ -121,6 +121,23 @@ xmlFuzzReadRemaining(size_t *size) {
     return(ret);
 }
 
+/*
+ * Write a random-length string to stdout in a format similar to
+ * FuzzedDataProvider. Backslash followed by newline marks the end of the
+ * string. Two backslashes are used to escape a backslash.
+ */
+static void
+xmlFuzzWriteString(const char *str) {
+    for (; *str; str++) {
+        int c = (unsigned char) *str;
+        putchar(c);
+        if (c == '\\')
+            putchar(c);
+    }
+    putchar('\\');
+    putchar('\n');
+}
+
 /**
  * xmlFuzzReadString:
  * @size:  size of string in bytes
@@ -169,6 +186,47 @@ xmlFuzzReadString(size_t *size) {
     return(NULL);
 }
 
+/*
+ * A custom entity loader that writes all external DTDs or entities to a
+ * single file in the format expected by xmlFuzzEntityLoader.
+ */
+xmlParserInputPtr
+xmlFuzzEntityRecorder(const char *URL, const char *ID,
+                      xmlParserCtxtPtr ctxt) {
+    xmlParserInputPtr in;
+    static const int chunkSize = 16384;
+    int len;
+
+    in = xmlNoNetExternalEntityLoader(URL, ID, ctxt);
+    if (in == NULL)
+        return(NULL);
+
+    if (fuzzData.entities == NULL) {
+        fuzzData.entities = xmlHashCreate(4);
+    } else if (xmlHashLookup(fuzzData.entities,
+                             (const xmlChar *) URL) != NULL) {
+        return(in);
+    }
+
+    do {
+        len = xmlParserInputBufferGrow(in->buf, chunkSize);
+        if (len < 0) {
+            fprintf(stderr, "Error reading %s\n", URL);
+            xmlFreeInputStream(in);
+            return(NULL);
+        }
+    } while (len > 0);
+
+    xmlFuzzWriteString(URL);
+    xmlFuzzWriteString((char *) xmlBufContent(in->buf->buffer));
+
+    xmlFreeInputStream(in);
+
+    xmlHashAddEntry(fuzzData.entities, (const xmlChar *) URL, NULL);
+
+    return(xmlNoNetExternalEntityLoader(URL, ID, ctxt));
+}
+
 /**
  * xmlFuzzReadEntities:
  *
diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h
index 35702855..eabe0941 100644
--- a/fuzz/fuzz.h
+++ b/fuzz/fuzz.h
@@ -36,6 +36,9 @@ xmlFuzzReadInt(void);
 const char *
 xmlFuzzReadRemaining(size_t *size);
 
+xmlParserInputPtr
+xmlFuzzEntityRecorder(const char *URL, const char *ID, xmlParserCtxtPtr ctxt);
+
 void
 xmlFuzzReadEntities(void);
 
@@ -43,8 +46,7 @@ const char *
 xmlFuzzMainEntity(size_t *size);
 
 xmlParserInputPtr
-xmlFuzzEntityLoader(const char *URL, const char *ID ATTRIBUTE_UNUSED,
-                    xmlParserCtxtPtr ctxt);
+xmlFuzzEntityLoader(const char *URL, const char *ID, xmlParserCtxtPtr ctxt);
 
 size_t
 xmlFuzzExtractStrings(const char *data, size_t size, char **strings,
diff --git a/fuzz/xmlSeed.c b/fuzz/xmlSeed.c
index e1afcc63..fc64cd45 100644
--- a/fuzz/xmlSeed.c
+++ b/fuzz/xmlSeed.c
@@ -5,74 +5,8 @@
  */
 
 #include <stdio.h>
-#include <string.h>
-#include <libxml/hash.h>
-#include <libxml/parser.h>
-#include <libxml/parserInternals.h>
-#include <libxml/xmlIO.h>
-#include <libxml/xmlerror.h>
 #include "fuzz.h"
 
-static xmlHashTablePtr entities;
-
-static void
-errorFunc(void *ctx ATTRIBUTE_UNUSED, const char *msg ATTRIBUTE_UNUSED, ...) {
-    /* Discard error messages. */
-}
-
-/*
- * Write a random-length string in a format similar to FuzzedDataProvider.
- * Backslash followed by newline marks the end of the string. Two
- * backslashes are used to escape a backslash.
- */
-static void
-writeEscaped(const char *str) {
-    for (; *str; str++) {
-        int c = (unsigned char) *str;
-        putchar(c);
-        if (c == '\\')
-            putchar(c);
-    }
-    putchar('\\');
-    putchar('\n');
-}
-
-/*
- * A custom entity loader that writes all external DTDs or entities to a
- * single file in the format expected by xmlFuzzEntityLoader.
- */
-static xmlParserInputPtr
-entityLoader(const char *URL, const char *ID, xmlParserCtxtPtr context) {
-    xmlParserInputPtr in;
-    static const int chunkSize = 16384;
-    int len;
-
-    in = xmlNoNetExternalEntityLoader(URL, ID, context);
-    if (in == NULL)
-        return(NULL);
-
-    if (xmlHashLookup(entities, (const xmlChar *) URL) != NULL)
-        return(in);
-
-    do {
-        len = xmlParserInputBufferGrow(in->buf, chunkSize);
-        if (len < 0) {
-            fprintf(stderr, "Error reading %s\n", URL);
-            xmlFreeInputStream(in);
-            return(NULL);
-        }
-    } while (len > 0);
-
-    writeEscaped(URL);
-    writeEscaped((char *) xmlBufContent(in->buf->buffer));
-
-    xmlFreeInputStream(in);
-
-    xmlHashAddEntry(entities, (const xmlChar *) URL, "seen");
-
-    return(xmlNoNetExternalEntityLoader(URL, ID, context));
-}
-
 int
 main(int argc, char **argv) {
     int opts = XML_PARSE_NOENT | XML_PARSE_DTDLOAD;
@@ -83,11 +17,10 @@ main(int argc, char **argv) {
 
     fwrite(&opts, sizeof(opts), 1, stdout);
 
-    entities = xmlHashCreate(4);
-    xmlSetGenericErrorFunc(NULL, errorFunc);
-    xmlSetExternalEntityLoader(entityLoader);
+    xmlSetGenericErrorFunc(NULL, xmlFuzzErrorFunc);
+    xmlSetExternalEntityLoader(xmlFuzzEntityRecorder);
     xmlFreeDoc(xmlReadFile(argv[1], NULL, opts));
-    xmlHashFree(entities, NULL);
+    xmlFuzzDataCleanup();
 
     return(0);
 }
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]