1 /*
2 # Copyright 2018 Google Inc.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 #
16 ################################################################################
17 */
18
19 #include <assert.h>
20 #include <stdbool.h>
21 #include <stddef.h>
22 #include <stdint.h>
23
24 #include "api/yajl_parse.h"
25
/*
 * Nesting state for one fuzz input. The harness hands a pointer to this
 * struct to yajl as the opaque callback context; the start callbacks
 * increment the matching counter and the end callbacks decrement it.
 */
typedef struct {
  int arrayLevel;  /* number of arrays currently open */
  int objectLevel; /* number of objects currently open */
} context;
30
/*
 * yajl callback for a JSON null. There is nothing to verify for this
 * event, so the harness only reports success (yajl keeps parsing while
 * callbacks return non-zero).
 */
static int yajl_found_null(void* ctx) {
  (void)ctx; /* context is not needed for this event */
  return 1;
}
34
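/*
 * yajl callback for a JSON true/false value. The value itself is not
 * inspected; the harness only reports success so parsing continues.
 *
 * The stray ';' that followed the closing brace in the original was an
 * empty file-scope declaration, which ISO C does not permit and which
 * trips -Wpedantic builds; it has been dropped.
 */
static int yajl_found_boolean(void* ctx, int boolean) {
  (void)ctx;
  (void)boolean;
  return 1;
}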
38
/*
 * yajl callback for a numeric token, delivered as raw text (v, l).
 *
 * Invariant checked: the parser must never report an empty number.
 * Because the check is an assert(), it only fires in builds that do not
 * define NDEBUG; a fuzz build with assertions disabled would silently
 * stop testing this property.
 */
static int yajl_found_number(void* ctx, const char* v, unsigned int l) {
  (void)ctx;
  (void)v;
  assert(l != 0);
  return 1;
}
43
/*
 * yajl callback for a string value (s, l). The bytes are not read here;
 * the harness only reports success so parsing continues. An empty string
 * is legal JSON, so no length invariant is asserted.
 */
static int yajl_found_string(void* ctx, const unsigned char* s, unsigned int l) {
  (void)ctx;
  (void)s;
  (void)l;
  return 1;
}
47
/*
 * yajl callback for an object key (v, l).
 *
 * Invariant checked: a key may only be reported while at least one object
 * is open. ctx must point at the harness's `context`. The check is an
 * assert(), so it is compiled out when NDEBUG is defined.
 */
static int yajl_found_object_key(void* ctx, const unsigned char* v, unsigned int l) {
  (void)v;
  (void)l;
  assert(((const context*)ctx)->objectLevel > 0);
  return 1;
}
52
/*
 * yajl callback for '{': records that one more object is open.
 * ctx must point at the harness's `context`.
 */
static int yajl_found_start_object(void* ctx) {
  context* state = ctx;

  state->objectLevel += 1;
  return 1;
}
57
/*
 * yajl callback for '}': closes the innermost open object.
 *
 * Invariant checked: the parser must not report an object end without a
 * matching start. The check is an assert(), so with NDEBUG defined an
 * unbalanced close would go unnoticed and the counter would go negative.
 */
static int yajl_found_end_object(void* ctx) {
  context* state = ctx;

  assert(state->objectLevel > 0);
  state->objectLevel -= 1;
  return 1;
}
63
/*
 * yajl callback for '[': records that one more array is open.
 * ctx must point at the harness's `context`.
 */
static int yajl_found_start_array(void* ctx) {
  context* state = ctx;

  state->arrayLevel += 1;
  return 1;
}
68
/*
 * yajl callback for ']': closes the innermost open array.
 *
 * Invariant checked: the parser must not report an array end without a
 * matching start. The check is an assert(), so with NDEBUG defined an
 * unbalanced close would go unnoticed and the counter would go negative.
 */
static int yajl_found_end_array(void* ctx) {
  context* state = ctx;

  assert(state->arrayLevel > 0);
  state->arrayLevel -= 1;
  return 1;
}
74
/*
 * Callback table handed to yajl_alloc(). Fields are named explicitly so
 * the mapping does not depend on the member order of yajl_callbacks.
 *
 * yajl_integer and yajl_double are left NULL on purpose: with yajl_number
 * set, numbers are expected to arrive as raw text through that callback
 * (per the yajl_parse.h contract -- confirm against the bundled header).
 */
static yajl_callbacks callbacks = {
  .yajl_null = yajl_found_null,
  .yajl_boolean = yajl_found_boolean,
  .yajl_integer = NULL,
  .yajl_double = NULL,
  .yajl_number = yajl_found_number,
  .yajl_string = yajl_found_string,
  .yajl_start_map = yajl_found_start_object,
  .yajl_map_key = yajl_found_object_key,
  .yajl_end_map = yajl_found_end_object,
  .yajl_start_array = yajl_found_start_array,
  .yajl_end_array = yajl_found_end_array,
};
88
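/*
 * libFuzzer entry point: feeds one input to a fresh yajl parser.
 *
 * The parser is configured to accept comments and to validate UTF-8, and
 * is given the harness callbacks plus a zeroed nesting context. The parse
 * status is deliberately discarded: malformed JSON is an expected outcome,
 * and findings come from memory-safety errors in the parser or from the
 * nesting assertions in the callbacks (which need a build without NDEBUG).
 *
 * Always returns 0, as libFuzzer requires.
 */
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  context ctx = {
    .arrayLevel = 0,
    .objectLevel = 0,
  };
  /* Fields not named here are zero-initialized. */
  yajl_parser_config cfg = {
    .allowComments = 1,
    .checkUTF8 = 1,
  };
  yajl_handle parser = yajl_alloc(&callbacks, &cfg, NULL, (void*)&ctx);

  /*
   * Do not hand a NULL handle to yajl_parse()/yajl_free(): an allocation
   * failure in the harness would otherwise be reported as a parser crash.
   */
  if (parser == NULL) {
    return 0;
  }

  /*
   * NOTE(review): the callbacks receive lengths as unsigned int; if
   * yajl_parse() takes its length the same way, `size` is narrowed
   * implicitly here -- confirm against yajl_parse.h.
   */
  (void)yajl_parse(parser, data, size);
  yajl_free(parser);

  return 0;
}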
105