// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <stddef.h>
#include <stdint.h>
#include <string>
#include <vector>
#include <fuzzer/FuzzedDataProvider.h>
#include "extensions/common/csp_validator.h"
#include "extensions/common/install_warning.h"
#include "third_party/icu/fuzzers/fuzzer_utils.h"
namespace extensions {
namespace {
// Performs common initialization that's shared between all runs.
// The fuzzer entry point in this file holds one function-local static
// instance, so the member below is constructed a single time per process.
struct Environment {
  // IcuEnvironment is not declared in this file; presumably it comes from the
  // ICU fuzzer_utils.h header included above and performs ICU setup in its
  // constructor. TODO confirm against that header.
  IcuEnvironment icu_environment;
};
} // namespace
// libFuzzer entry point: turns the raw fuzzer input into a CSP string and a
// manifest key, then runs the csp_validator sanitizing and checking routines
// on them.
//
// The return values of all three validator calls are discarded, so this
// harness surfaces crashes and sanitizer reports only. It does not check
// whether the validator's accept/reject decisions are correct.
//
// Always returns 0.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // Built on the first call and reused by every later run.
  static Environment shared_environment;

  // The exact limit is arbitrary. Oversized inputs are skipped to avoid
  // running out of memory when the CSP validator produces many warnings.
  constexpr size_t kInputSizeLimit = 10000;
  if (size > kInputSizeLimit)
    return 0;

  // Values are consumed in a fixed order: policy, manifest key, options.
  FuzzedDataProvider provider(data, size);
  const std::string policy = provider.ConsumeRandomLengthString();
  const std::string key = provider.ConsumeRandomLengthString();

  // NOTE(review): the 0..4 range is kept as-is. Confirm it matches the option
  // values csp_validator defines. If options is a bit mask, 4 is a lone third
  // bit and the combinations 5-7 are never generated.
  const auto options = provider.ConsumeIntegralInRange(0, 4);

  // Both warning-producing calls append to the same vector, which is never
  // read back here.
  std::vector<InstallWarning> warnings;
  csp_validator::SanitizeContentSecurityPolicy(policy, key, options,
                                               &warnings);
  csp_validator::GetSandboxedPageCSPDisallowingRemoteSources(policy, key,
                                                             &warnings);

  // Out-parameter for the check below; its contents are not inspected.
  std::u16string error_text;
  csp_validator::DoesCSPDisallowRemoteCode(policy, key, &error_text);

  return 0;
}
} // namespace extensions