author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
commit | 2aa4a82499d4becd2284cdb482213d541b8804dd (patch) | |
tree | b80bf8bf13c3766139fbacc530efd0dd9d54394c /js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js | |
parent | Initial commit. (diff) | |
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js b/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js
new file mode 100644
index 0000000000..1fdf8ee2c1
--- /dev/null
+++ b/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js
@@ -0,0 +1,39 @@
+/* -*- Mode: javascript; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This global will hold the current fuzzing buffer for each iteration.
+var fuzzBuf;
+
+function JSFuzzIterate() {
+ // This function is called per iteration. You must ensure that:
+ //
+ // 1) Each of your actions/decisions is only based on fuzzBuf,
+ // in particular not on Math.random(), Date/Time or other
+ // external inputs.
+ //
+ // 2) Your actions should be deterministic. The same fuzzBuf
+ // should always lead to the same set of actions/decisions.
+ //
+ // 3) You can modify the global where needed, but ensure that
+ // each iteration is isolated from one another by cleaning
+ // any modifications to the global after each iteration.
+ // In particular, iterations must not depend on or influence
+ // each other in any way (see also 1)).
+ //
+ // 4) You must catch all exceptions.
+
+ try {
+ // This is a very simple UTF-16 string conversion for example purposes only.
+ let input = String.fromCharCode.apply(null, new Uint16Array(fuzzBuf.buffer));
+
+ // Pass the input through the JSON code as an example. Note that this
+ // particular example could probably be implemented more efficiently
+ // directly in fuzz-tests on a C++ level. This is purely for demonstration
+ // purposes.
+ print(JSON.stringify(JSON.parse(input)));
+ } catch(exc) {
+ print(exc);
+ }
+}
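Review bot: The decoding step `String.fromCharCode.apply(null, new Uint16Array(fuzzBuf.buffer))` can throw before the input ever reaches `JSON.parse`, and the surrounding `catch` hides that. The `Uint16Array` constructor raises a RangeError when the buffer's byte length is odd, and passing a very large array through `apply` can exceed the engine's argument limit, so those iterations only print an exception and never exercise the code under test. The type of `fuzzBuf` is not visible in this hunk (the `.buffer` access suggests a typed-array view); if it is a view, constructing from `.buffer` alone also ignores the view's offset and length. Assuming an even byte offset, something like `new Uint16Array(fuzzBuf.buffer, fuzzBuf.byteOffset, fuzzBuf.byteLength >> 1)` with the string built in bounded slices would keep odd-length and large inputs in play. I would also add a comment under rule 4 such as `// A caught exception during input decoding means the target was not reached; keep decoding total so coverage is not silently lost.`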