1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/at_exit.h"
6 #include "base/check_op.h"
7 #include "base/i18n/icu_util.h"
8 #include "base/no_destructor.h"
9 #include "url/gurl.h"
10
11 struct TestCase {
TestCaseTestCase12 TestCase() { CHECK(base::i18n::InitializeICU()); }
13
14 // used by ICU integration.
15 base::AtExitManager at_exit_manager;
16 };
17
18 TestCase* test_case = new TestCase();
19
20 // Checks that GURL's canonicalization is idempotent. This can help discover
21 // issues like https://crbug.com/1128999.
CheckIdempotency(const GURL & url)22 void CheckIdempotency(const GURL& url) {
23 if (!url.is_valid())
24 return;
25 const std::string& spec = url.spec();
26 GURL recanonicalized(spec);
27 CHECK(recanonicalized.is_valid());
28 CHECK_EQ(spec, recanonicalized.spec());
29 }
30
31 // Checks that |url.spec()| is preserved across a call to ReplaceComponents with
32 // zero replacements, which is effectively a copy. This can help discover issues
33 // like https://crbug.com/1075515.
CheckReplaceComponentsPreservesSpec(const GURL & url)34 void CheckReplaceComponentsPreservesSpec(const GURL& url) {
35 static const base::NoDestructor<GURL::Replacements> no_op;
36 GURL copy = url.ReplaceComponents(*no_op);
37 CHECK_EQ(url.is_valid(), copy.is_valid());
38 if (url.is_valid()) {
39 CHECK_EQ(url.spec(), copy.spec());
40 }
41 }
42
43 // Entry point for LibFuzzer.
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)44 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
45 if (size < 1)
46 return 0;
47 {
48 base::StringPiece string_piece_input(reinterpret_cast<const char*>(data),
49 size);
50 const GURL url_from_string_piece(string_piece_input);
51 CheckIdempotency(url_from_string_piece);
52 CheckReplaceComponentsPreservesSpec(url_from_string_piece);
53 }
54 // Test for StringPiece16 if size is even.
55 if (size % sizeof(char16_t) == 0) {
56 base::StringPiece16 string_piece_input16(
57 reinterpret_cast<const char16_t*>(data), size / sizeof(char16_t));
58 const GURL url_from_string_piece16(string_piece_input16);
59 CheckIdempotency(url_from_string_piece16);
60 CheckReplaceComponentsPreservesSpec(url_from_string_piece16);
61 }
62 // Resolve relative url tests.
63 {
64 size_t size_t_bytes = sizeof(size_t);
65 if (size < size_t_bytes + 1) {
66 return 0;
67 }
68 size_t relative_size =
69 *reinterpret_cast<const size_t*>(data) % (size - size_t_bytes);
70 std::string relative_string(
71 reinterpret_cast<const char*>(data + size_t_bytes), relative_size);
72 base::StringPiece string_piece_part_input(
73 reinterpret_cast<const char*>(data + size_t_bytes + relative_size),
74 size - relative_size - size_t_bytes);
75 const GURL url_from_string_piece_part(string_piece_part_input);
76 CheckIdempotency(url_from_string_piece_part);
77 CheckReplaceComponentsPreservesSpec(url_from_string_piece_part);
78
79 url_from_string_piece_part.Resolve(relative_string);
80
81 if (relative_size % sizeof(char16_t) == 0) {
82 std::u16string relative_string16(
83 reinterpret_cast<const char16_t*>(data + size_t_bytes),
84 relative_size / sizeof(char16_t));
85 url_from_string_piece_part.Resolve(relative_string16);
86 }
87 }
88 return 0;
89 }
90