convert fuzz target to c89, optimize

ec8d2f9c · randy408 · dc56e24f · ec8d2f9c · ec8d2f9c · ec8d2f9c
Showing with 16 addition and 22 deletion

fuzzing/CMakeLists.txt fuzzing/CMakeLists.txt +1 -1

fuzzing/cjson_read_fuzzer.c fuzzing/cjson_read_fuzzer.c +12 -16

fuzzing/fuzz_main.c fuzzing/fuzz_main.c +1 -3

fuzzing/ossfuzz.sh fuzzing/ossfuzz.sh +2 -2

未找到文件。
--- a/fuzzing/CMakeLists.txt
+++ b/fuzzing/CMakeLists.txt
@@ -28,6 +28,6 @@ if (ENABLE_FUZZING)
 endif()

 if(ENABLE_CJSON_TEST)
-    ADD_EXECUTABLE(fuzz_main fuzz_main.c)
+    ADD_EXECUTABLE(fuzz_main fuzz_main.c cjson_read_fuzzer.c)
    TARGET_LINK_LIBRARIES(fuzz_main cjson)
 endif()
\ No newline at end of file
--- a/fuzzing/cjson_read_fuzzer.cc
+++ b/fuzzing/cjson_read_fuzzer.cc
@@ -4,9 +4,8 @@

 #include "../cJSON.h"

-#ifdef __cplusplus
-extern "C"
-#endif
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */
+
 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
    cJSON *json;
@@ -17,6 +16,7 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)


    if(size <= offset) return 0;
+    if(data[size-1] != '\0') return 0;
    if(data[0] != '1' && data[0] != '0') return 0;
    if(data[1] != '1' && data[1] != '0') return 0;
    if(data[2] != '1' && data[2] != '0') return 0;
@@ -27,19 +27,9 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
    formatted           = data[2] == '1' ? 1 : 0;
    buffered            = data[3] == '1' ? 1 : 0;

-    copied = (unsigned char*)malloc(size);
-    if(copied == NULL) return 0;
-
-    memcpy(copied, data, size);
-    copied[size-1] = '\0';
-
-    json = cJSON_ParseWithOpts((const char*)copied + offset, NULL, require_termination);
+    json = cJSON_ParseWithOpts((const char*)data + offset, NULL, require_termination);

-    if(json == NULL)
-    {
-        free(copied);
-        return 0;
-    }
+    if(json == NULL) return 0;

    if(buffered)
    {
@@ -62,11 +52,17 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)

    if(minify)
    {
+        copied = (unsigned char*)malloc(size);
+        if(copied == NULL) return 0;
+
+        memcpy(copied, data, size);
+
        cJSON_Minify((char*)copied + offset);
+
+        free(copied);
    }

    cJSON_Delete(json);
-    free(copied);

    return 0;
 }
--- a/fuzzing/fuzz_main.c
+++ b/fuzzing/fuzz_main.c
@@ -2,9 +2,7 @@
 #include <stdio.h>
 #include <stdlib.h>

-int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C90 */
-
-#include "cjson_read_fuzzer.cc"
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); /* required by C89 */

 /* fuzz target entry point, works without libFuzzer */


--- a/fuzzing/ossfuzz.sh
+++ b/fuzzing/ossfuzz.sh
@@ -8,8 +8,8 @@ cd build
 cmake -DBUILD_SHARED_LIBS=OFF -DENABLE_CJSON_TEST=OFF ..
 make -j$(nproc)

-$CXX $CXXFLAGS -std=c++11 -I. \
-    $SRC/cjson/fuzzing/cjson_read_fuzzer.cc \
+$CC $CFLAGS -std=c89 -I. \
+    $SRC/cjson/fuzzing/cjson_read_fuzzer.c \
    -o $OUT/cjson_read_fuzzer \
    $LIB_FUZZING_ENGINE $SRC/cjson/build/libcjson.a