1 /* 2 * Copyright 2018 Google Inc. 3 * 4 * Use of this source code is governed by a BSD-style license that can be 5 * found in the LICENSE file. 6 */ 7 8 #include "include/core/SkCanvas.h" 9 #include "include/core/SkPaint.h" 10 #include "include/core/SkPath.h" 11 #include "include/core/SkSurface.h" 12 #include "src/core/SkReadBuffer.h" 13 FuzzPathDeserialize(SkReadBuffer & buf)14void FuzzPathDeserialize(SkReadBuffer& buf) { 15 SkPath path; 16 buf.readPath(&path); 17 if (!buf.isValid()) { 18 return; 19 } 20 21 auto s = SkSurface::MakeRasterN32Premul(128, 128); 22 if (!s) { 23 // May return nullptr in memory-constrained fuzzing environments 24 return; 25 } 26 s->getCanvas()->drawPath(path, SkPaint()); 27 } 28 29 // TODO(kjlubick): remove IS_FUZZING... after https://crrev.com/c/2410304 lands 30 #if defined(SK_BUILD_FOR_LIBFUZZER) || defined(IS_FUZZING_WITH_LIBFUZZER) LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)31extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 32 if (size < 4 || size > 2000) { 33 return 0; 34 } 35 uint32_t packed; 36 memcpy(&packed, data, 4); 37 unsigned version = packed & 0xFF; 38 if (version != 4) { 39 // Chrome only will produce version 4, so guide the fuzzer to 40 // only focus on those branches. 41 return 0; 42 } 43 SkReadBuffer buf(data, size); 44 FuzzPathDeserialize(buf); 45 return 0; 46 } 47 #endif 48