xref: /PHP-8.4/sapi/fuzzer/fuzzer-parser.c (revision 5d05f810)
1 /*
2    +----------------------------------------------------------------------+
3    | Copyright (c) The PHP Group                                          |
4    +----------------------------------------------------------------------+
5    | This source file is subject to version 3.01 of the PHP license,      |
6    | that is bundled with this package in the file LICENSE, and is        |
7    | available through the world-wide-web at the following url:           |
8    | https://www.php.net/license/3_01.txt                                 |
9    | If you did not receive a copy of the PHP license and are unable to   |
10    | obtain it through the world-wide-web, please send a note to          |
11    | license@php.net so we can mail you a copy immediately.               |
12    +----------------------------------------------------------------------+
13    | Authors: Johannes Schlüter <johanes@php.net>                         |
14    |          Stanislav Malyshev <stas@php.net>                           |
15    +----------------------------------------------------------------------+
16  */
17 
18 #include <main/php.h>
19 #include <main/php_main.h>
20 #include <main/SAPI.h>
21 #include <ext/standard/info.h>
22 #include <ext/standard/php_var.h>
23 #include <main/php_variables.h>
24 
25 #include "fuzzer.h"
26 #include "fuzzer-sapi.h"
27 
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)28 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
29 	if (Size > 6 * 1024) {
30 		/* Large inputs have a large impact on fuzzer performance and may cause stack overflows,
31 		 * but are unlikely to be necessary to reach new codepaths. */
32 		return 0;
33 	}
34 
35 	fuzzer_do_request_from_buffer(
36 		"fuzzer.php", (const char *) Data, Size, /* execute */ 0, /* before_shutdown */ NULL);
37 
38 	return 0;
39 }
40 
LLVMFuzzerInitialize(int * argc,char *** argv)41 int LLVMFuzzerInitialize(int *argc, char ***argv) {
42 	/* Compilation will often trigger fatal errors.
43 	 * Use tracked allocation mode to avoid leaks in that case. */
44 	putenv("USE_TRACKED_ALLOC=1");
45 
46 	fuzzer_init_php(NULL);
47 
48 	/* fuzzer_shutdown_php(); */
49 	return 0;
50 }
51