• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "publicapilocalregexpref_fuzzer.h"
17 #include "ecmascript/base/string_helper.h"
18 #include "ecmascript/global_env.h"
19 #include "ecmascript/js_regexp.h"
20 #include "ecmascript/napi/include/jsnapi.h"
21 #include "ecmascript/napi/jsnapi_helper.h"
22 
23 using namespace panda;
24 using namespace panda::ecmascript;
25 
26 namespace OHOS {
LocalRegExpGetOriginalSourceFuzzTest(const uint8_t * data,size_t size)27 void LocalRegExpGetOriginalSourceFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
28 {
29     RuntimeOption option;
30     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
31     EcmaVM *vm = JSNApi::CreateJSVM(option);
32     {
33         JsiFastNativeScope scope(vm);
34         if (size <= 0) {
35             LOG_ECMA(ERROR) << "illegal input!";
36             return;
37         }
38         JSThread *thread = vm->GetJSThread();
39         ObjectFactory *factory = vm->GetFactory();
40         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
41         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
42         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
43         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
44         jSRegExp->SetByteCodeBuffer(thread, JSTaggedValue::Undefined());
45         jSRegExp->SetOriginalSource(thread, JSTaggedValue::Undefined());
46         jSRegExp->SetGroupName(thread, JSTaggedValue::Undefined());
47         jSRegExp->SetOriginalFlags(thread, JSTaggedValue(0));
48         jSRegExp->SetLength(0);
49         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
50         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
51         object->GetOriginalSource(vm);
52     }
53     JSNApi::DestroyJSVM(vm);
54 }
55 
LocalRegExpRefGetOriginalFlagsFuzzTest(const uint8_t * data,size_t size)56 void LocalRegExpRefGetOriginalFlagsFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
57 {
58     RuntimeOption option;
59     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
60     EcmaVM *vm = JSNApi::CreateJSVM(option);
61     {
62         JsiFastNativeScope scope(vm);
63         if (size <= 0) {
64             LOG_ECMA(ERROR) << "illegal input!";
65             return;
66         }
67         JSThread *thread = vm->GetJSThread();
68         ObjectFactory *factory = vm->GetFactory();
69         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
70         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
71         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
72         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
73         jSRegExp->SetByteCodeBuffer(thread, JSTaggedValue::Undefined());
74         jSRegExp->SetOriginalSource(thread, JSTaggedValue::Undefined());
75         jSRegExp->SetGroupName(thread, JSTaggedValue::Undefined());
76         jSRegExp->SetOriginalFlags(thread, JSTaggedValue(0));
77         jSRegExp->SetLength(0);
78         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
79         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
80         object->GetOriginalFlags(vm);
81     }
82     JSNApi::DestroyJSVM(vm);
83 }
84 
LocalRegExpIsGlobalRefFuzzTest(const uint8_t * data,size_t size)85 void LocalRegExpIsGlobalRefFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
86 {
87     RuntimeOption option;
88     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
89     EcmaVM *vm = JSNApi::CreateJSVM(option);
90     {
91         JsiFastNativeScope scope(vm);
92         if (size <= 0) {
93             LOG_ECMA(ERROR) << "illegal input!";
94             return;
95         }
96         JSThread *thread = vm->GetJSThread();
97         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
98         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
99         JSHandle<JSGlobalObject> globalObject = JSHandle<JSGlobalObject>::Cast(proto);
100         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(globalObject);
101         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
102         object->IsGlobal(vm);
103     }
104     JSNApi::DestroyJSVM(vm);
105 }
106 
LocalRegExpIsIgnoreCaseFuzzTest(const uint8_t * data,size_t size)107 void LocalRegExpIsIgnoreCaseFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
108 {
109     RuntimeOption option;
110     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
111     EcmaVM *vm = JSNApi::CreateJSVM(option);
112     {
113         JsiFastNativeScope scope(vm);
114         if (size <= 0) {
115             LOG_ECMA(ERROR) << "illegal input!";
116             return;
117         }
118         JSThread *thread = vm->GetJSThread();
119         ObjectFactory *factory = vm->GetFactory();
120         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
121         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
122         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
123         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
124         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
125         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
126         object->IsIgnoreCase(vm);
127     }
128     JSNApi::DestroyJSVM(vm);
129 }
130 
LocalRegExpIsMultilineFuzzTest(const uint8_t * data,size_t size)131 void LocalRegExpIsMultilineFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
132 {
133     RuntimeOption option;
134     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
135     EcmaVM *vm = JSNApi::CreateJSVM(option);
136     {
137         JsiFastNativeScope scope(vm);
138         if (size <= 0) {
139             LOG_ECMA(ERROR) << "illegal input!";
140             return;
141         }
142         JSThread *thread = vm->GetJSThread();
143         ObjectFactory *factory = vm->GetFactory();
144         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
145         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
146         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
147         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
148         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
149         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
150         object->IsMultiline(vm);
151     }
152     JSNApi::DestroyJSVM(vm);
153 }
154 
LocalRegExpIsDotAllFuzzTest(const uint8_t * data,size_t size)155 void LocalRegExpIsDotAllFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
156 {
157     RuntimeOption option;
158     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
159     EcmaVM *vm = JSNApi::CreateJSVM(option);
160     {
161         JsiFastNativeScope scope(vm);
162         if (size <= 0) {
163             LOG_ECMA(ERROR) << "illegal input!";
164             return;
165         }
166         JSThread *thread = vm->GetJSThread();
167         ObjectFactory *factory = vm->GetFactory();
168         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
169         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
170         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
171         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
172         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
173         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
174         object->IsDotAll(vm);
175     }
176     JSNApi::DestroyJSVM(vm);
177 }
178 
LocalRegExpIsUtf16FuzzTest(const uint8_t * data,size_t size)179 void LocalRegExpIsUtf16FuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
180 {
181     RuntimeOption option;
182     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
183     EcmaVM *vm = JSNApi::CreateJSVM(option);
184     {
185         JsiFastNativeScope scope(vm);
186         if (size <= 0) {
187             LOG_ECMA(ERROR) << "illegal input!";
188             return;
189         }
190         JSThread *thread = vm->GetJSThread();
191         ObjectFactory *factory = vm->GetFactory();
192         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
193         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
194         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
195         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
196         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
197         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
198         object->IsUtf16(vm);
199     }
200     JSNApi::DestroyJSVM(vm);
201 }
202 
LocalRegExpIsSticklFuzzTest(const uint8_t * data,size_t size)203 void LocalRegExpIsSticklFuzzTest([[maybe_unused]]const uint8_t *data, size_t size)
204 {
205     RuntimeOption option;
206     option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
207     EcmaVM *vm = JSNApi::CreateJSVM(option);
208     {
209         JsiFastNativeScope scope(vm);
210         if (size <= 0) {
211             LOG_ECMA(ERROR) << "illegal input!";
212             return;
213         }
214         JSThread *thread = vm->GetJSThread();
215         ObjectFactory *factory = vm->GetFactory();
216         auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
217         JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
218         JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
219         JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
220         JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
221         Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
222         object->IsStick(vm);
223     }
224     JSNApi::DestroyJSVM(vm);
225 }
226 }
227 
228 // Fuzzer entry point.
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)229 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
230 {
231     // Run your code on data.
232     OHOS::LocalRegExpGetOriginalSourceFuzzTest(data, size);
233     OHOS::LocalRegExpRefGetOriginalFlagsFuzzTest(data, size);
234     OHOS::LocalRegExpIsGlobalRefFuzzTest(data, size);
235     OHOS::LocalRegExpIsIgnoreCaseFuzzTest(data, size);
236     OHOS::LocalRegExpIsMultilineFuzzTest(data, size);
237     OHOS::LocalRegExpIsDotAllFuzzTest(data, size);
238     OHOS::LocalRegExpIsUtf16FuzzTest(data, size);
239     OHOS::LocalRegExpIsSticklFuzzTest(data, size);
240     return 0;
241 }