authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 14:29:10 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 14:29:10 +0000
commit2aa4a82499d4becd2284cdb482213d541b8804dd (patch)
treeb80bf8bf13c3766139fbacc530efd0dd9d54394c /js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js
parentInitial commit. (diff)
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js')
-rw-r--r--js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js39
1 files changed, 39 insertions, 0 deletions
diff --git a/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js b/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js
new file mode 100644
index 0000000000..1fdf8ee2c1
--- /dev/null
+++ b/js/src/shell/jsrtfuzzing/jsrtfuzzing-example.js
@@ -0,0 +1,39 @@
+/* -*- Mode: javascript; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This global will hold the current fuzzing buffer for each iteration.
+var fuzzBuf;
+
+function JSFuzzIterate() {
+ // This function is called per iteration. You must ensure that:
+ //
+ // 1) Each of your actions/decisions is only based on fuzzBuf,
+ // in particular not on Math.random(), Date/Time or other
+ // external inputs.
+ //
+ // 2) Your actions should be deterministic. The same fuzzBuf
+ // should always lead to the same set of actions/decisions.
+ //
+ // 3) You can modify the global where needed, but ensure that
+ // each iteration is isolated from one another by cleaning
+ // any modifications to the global after each iteration.
+ // In particular, iterations must not depend on or influence
+ // each other in any way (see also 1)).
+ //
+ // 4) You must catch all exceptions.
+
+ try {
+ // This is a very simple UTF-16 string conversion for example purposes only.
+ let input = String.fromCharCode.apply(null, new Uint16Array(fuzzBuf.buffer));
+
+ // Pass the input through the JSON code as an example. Note that this
+ // particular example could probably be implemented more efficiently
+ // directly in fuzz-tests on a C++ level. This is purely for demonstration
+ // purposes.
+ print(JSON.stringify(JSON.parse(input)));
+ } catch(exc) {
+ print(exc);
+ }
+}
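Review bot: On the `new Uint16Array(fuzzBuf.buffer)` line, any buffer whose byte length is odd makes the constructor throw a RangeError, which the surrounding `catch` prints and discards, so those inputs never reach `JSON.parse` and the iteration exercises nothing. Very large buffers can presumably end the same way, because `String.fromCharCode.apply` passes every code unit as a separate call argument. Dropping the trailing byte keeps odd-length inputs useful: `let input = String.fromCharCode.apply(null, new Uint16Array(fuzzBuf.buffer, 0, fuzzBuf.buffer.byteLength >> 1));`. The type of `fuzzBuf` is not visible here; if it is a view at a non-zero offset into a larger buffer, `.buffer` also reads bytes outside the fuzz input, which would be worth a comment next to the conversion.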