xref: /PHP-8.0/sapi/fuzzer/fuzzer-parser.c (revision c29838c5)
1 /*
2    +----------------------------------------------------------------------+
3    | Copyright (c) The PHP Group                                          |
4    +----------------------------------------------------------------------+
5    | This source file is subject to version 3.01 of the PHP license,      |
6    | that is bundled with this package in the file LICENSE, and is        |
7    | available through the world-wide-web at the following url:           |
8    | http://www.php.net/license/3_01.txt                                  |
9    | If you did not receive a copy of the PHP license and are unable to   |
10    | obtain it through the world-wide-web, please send a note to          |
11    | license@php.net so we can mail you a copy immediately.               |
12    +----------------------------------------------------------------------+
13    | Authors: Johannes Schlüter <johanes@php.net>                         |
14    |          Stanislav Malyshev <stas@php.net>                           |
15    +----------------------------------------------------------------------+
16  */
17 
18 #include <main/php.h>
19 #include <main/php_main.h>
20 #include <main/SAPI.h>
21 #include <ext/standard/info.h>
22 #include <ext/standard/php_var.h>
23 #include <main/php_variables.h>
24 
25 #include "fuzzer.h"
26 #include "fuzzer-sapi.h"
27 
/*
 * libFuzzer entry point for the parser target: submits one fuzz input to the
 * PHP fuzzer SAPI as the contents of a script named "fuzzer.php".
 *
 * Data/Size describe the buffer handed over by the fuzzing engine. The bytes
 * are untrusted and are forwarded with their explicit length, so no NUL
 * terminator is assumed by this function. The last argument of
 * fuzzer_do_request_from_buffer() is its "execute" flag and is 0 here.
 *
 * Always returns 0, including when the input is skipped for being too large.
 */
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
	/* Oversized inputs slow the fuzzer down considerably and are unlikely
	 * to be needed to reach new code paths, so they are dropped unprocessed. */
	const size_t max_input_size = 32 * 1024;

	if (Size <= max_input_size) {
		fuzzer_do_request_from_buffer("fuzzer.php", (const char *) Data, Size, /* execute */ 0);
	}

	return 0;
}

39 
/*
 * libFuzzer initialization hook: requests tracked allocation through the
 * environment, then brings PHP up with fuzzer_init_php().
 *
 * argc/argv are accepted to satisfy the hook's signature and are not read.
 * Always returns 0.
 */
int LLVMFuzzerInitialize(int *argc, char ***argv) {
	/* The engine's command line is deliberately ignored. */
	(void) argc;
	(void) argv;

	/* Fatal errors are frequent while compiling fuzz inputs; tracked
	 * allocation mode is used so those aborted compilations do not leak.
	 * The variable is set before fuzzer_init_php() is called. */
	putenv("USE_TRACKED_ALLOC=1");
	fuzzer_init_php();

	/* fuzzer_shutdown_php() is intentionally not called from here. */
	return 0;
}