1 /* 2 * Copyright (c) 2009-2022, Google LLC 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions are met: 7 * * Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * * Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * * Neither the name of Google LLC nor the 13 * names of its contributors may be used to endorse or promote products 14 * derived from this software without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL Google LLC BE LIABLE FOR ANY DIRECT, 20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #ifndef UPB_TEST_FUZZ_UTIL_H_ 29 #define UPB_TEST_FUZZ_UTIL_H_ 30 31 #include <string> 32 #include <vector> 33 34 #include "upb/mini_table/extension_registry.h" 35 #include "upb/mini_table/types.h" 36 37 namespace upb { 38 namespace fuzz { 39 40 struct MiniTableFuzzInput { 41 // MiniDescripotrs for N messages, in the format accepted by 42 // upb_MiniTable_Build(). 43 std::vector<std::string> mini_descriptors; 44 45 // MiniDescripotrs for N enums, in the format accepted by 46 // upb_MiniTableEnum_Build(). 47 std::vector<std::string> enum_mini_descriptors; 48 49 // A MiniDescriptor for N extensions, in the format accepted by 50 // upb_MiniTableExtension_Build(). 51 std::string extensions; 52 53 // Integer indexes into the message or enum mini tables lists. These specify 54 // which message or enum to use for each sub-message or enum field. We mod 55 // by the total number of enums or messages so that any link value can be 56 // valid. 57 std::vector<uint32_t> links; 58 }; 59 60 // Builds an arbitrary mini table corresponding to the random data in `input`. 61 // This function should be capable of producing any mini table that can 62 // successfully build, and any topology of messages and enums (including 63 // cycles). 64 // 65 // As currently written, it effectively fuzzes the mini descriptor parser also, 66 // and can therefore trigger any bugs in that parser. To better isolate these 67 // two, we may want to change this implementation to use the mini descriptor 68 // builder API so we are producing mini descriptors in a known good format. That 69 // would mostly eliminate the chance of crashing the mini descriptor parser 70 // itself. 71 // 72 // TODO: maps. If we give maps some space in the regular encoding instead of 73 // using a separate function, we could get that for free. 74 const upb_MiniTable* BuildMiniTable(const MiniTableFuzzInput& input, 75 upb_ExtensionRegistry** exts, 76 upb_Arena* arena); 77 78 } // namespace fuzz 79 } // namespace upb 80 81 #endif // UPB_TEST_FUZZ_UTIL_H_ 82