author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /js/src/fuzz-tests/gluesmith | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'js/src/fuzz-tests/gluesmith')
-rw-r--r-- | js/src/fuzz-tests/gluesmith/Cargo.toml | 10 | ||||
-rw-r--r-- | js/src/fuzz-tests/gluesmith/moz.build | 15 | ||||
-rw-r--r-- | js/src/fuzz-tests/gluesmith/src/lib.rs | 63 |
3 files changed, 88 insertions, 0 deletions
diff --git a/js/src/fuzz-tests/gluesmith/Cargo.toml b/js/src/fuzz-tests/gluesmith/Cargo.toml
new file mode 100644
index 0000000000..7bd7f6652a
--- /dev/null
+++ b/js/src/fuzz-tests/gluesmith/Cargo.toml
@@ -0,0 +1,10 @@
+[package]
+name = "gluesmith"
+version = "0.1.0"
+authors = ["Christian Holler"]
+license = "MPL-2.0"
+
+[dependencies]
+wasm-smith = "0.15.0"
+arbitrary = { version = "1.0.0", features = ["derive"] }
+libc = "0.2"
diff --git a/js/src/fuzz-tests/gluesmith/moz.build b/js/src/fuzz-tests/gluesmith/moz.build
new file mode 100644
index 0000000000..d75c4c18ba
--- /dev/null
+++ b/js/src/fuzz-tests/gluesmith/moz.build
@@ -0,0 +1,15 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+FINAL_LIBRARY = "js"
+
+# Includes should be relative to parent path
+LOCAL_INCLUDES += ["!../..", "../.."]
+
+include("../../js-config.mozbuild")
+include("../../js-cxxflags.mozbuild")
+
+DIRS += ["../../rust"]
diff --git a/js/src/fuzz-tests/gluesmith/src/lib.rs b/js/src/fuzz-tests/gluesmith/src/lib.rs
new file mode 100644
index 0000000000..41aac369a0
--- /dev/null
+++ b/js/src/fuzz-tests/gluesmith/src/lib.rs
@@ -0,0 +1,63 @@
+/* Copyright 2021 Mozilla Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+extern crate arbitrary;
+extern crate wasm_smith;
+
+use arbitrary::Unstructured;
+use wasm_smith::{Config, Module};
+
+use std::ptr;
+
+#[no_mangle]
+pub unsafe extern "C" fn gluesmith(
+ data: *mut u8,
+ len: usize,
+ out: *mut u8,
+ maxlen: usize,
+) -> usize {
+ let buf: &[u8] = std::slice::from_raw_parts(data, len);
+
+ let mut u = Unstructured::new(buf);
+
+ let config = Config {
+ bulk_memory_enabled: true,
+ reference_types_enabled: true,
+ relaxed_simd_enabled: true,
+ exceptions_enabled: true,
+ memory64_enabled: true,
+ simd_enabled: true,
+ tail_call_enabled: true,
+ threads_enabled: true,
+ ..Config::default()
+ };
+ let module = match Module::new(config, &mut u) {
+ Ok(m) => m,
+ Err(_e) => return 0,
+ };
+
+ let wasm_bytes = module.to_bytes();
+
+ let src_len = wasm_bytes.len();
+
+ if src_len > maxlen {
+ return 0;
+ }
+
+ let src_ptr = wasm_bytes.as_ptr();
+ ptr::copy_nonoverlapping(src_ptr, out, src_len);
+
+ return src_len;
+} |
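Review bot: `gluesmith` passes `data` straight to `std::slice::from_raw_parts(data, len)` without a null check, and that call requires a non-null, aligned pointer even when `len` is 0, so a C caller that hands over a null pointer for an empty input triggers undefined behaviour. `out` reaches `ptr::copy_nonoverlapping` unchecked in the same way. A guard at the top of the body, `if data.is_null() || out.is_null() { return 0; }`, would keep the existing convention that 0 means no module was written. Because the function is `pub unsafe extern "C"`, it should also carry a `/// # Safety` section stating that `data` must be readable for `len` bytes, `out` writable for `maxlen` bytes, and that the two regions must not overlap. `data` is only read, so `*const u8` would state that in the signature if the C-side declaration (not visible here) can change with it.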