authorGravatar Mina Farid <minafarid@google.com>2018-07-03 13:40:50 -0400
committerGravatar GitHub <noreply@github.com>2018-07-03 13:40:50 -0400
commit37edbc694d9e46c64de5263960cbcdf3e65bd6f9 (patch)
tree7e7f47e7117ec3d25042a884672e782e80931676
parent03ff392ca4e0a0c7b139904b2b853795e69a7237 (diff)
Fuzz test Serializer to decode FieldValue (#1485)
-rw-r--r--Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm13
1 files changed, 12 insertions, 1 deletions
diff --git a/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm b/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm
index 038e687..0d832c0 100644
--- a/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm
+++ b/Firestore/Example/FuzzTests/FSTFuzzTestsPrincipal.mm
@@ -18,8 +18,10 @@
#include "LibFuzzer/FuzzerDefs.h"
+#include "Firestore/core/src/firebase/firestore/model/database_id.h"
#include "Firestore/core/src/firebase/firestore/remote/serializer.h"
+using firebase::firestore::model::DatabaseId;
using firebase::firestore::remote::Serializer;
namespace {
@@ -27,7 +29,16 @@ namespace {
// Fuzz-test the deserialization process in Firestore. The Serializer reads raw
// bytes and converts them to a model object.
void FuzzTestDeserialization(const uint8_t *data, size_t size) {
- // TODO(minafarid): fuzz-test Serializer.
+ DatabaseId database_id{"project", DatabaseId::kDefault};
+ Serializer serializer{database_id};
+
+ @try {
+ serializer.DecodeFieldValue(data, size);
+ } @catch (...) {
+ // Caught exceptions are ignored because the input might be malformed and
+ // the deserialization might throw an error as intended. Fuzzing focuses on
+ // runtime errors that are detected by the sanitizers.
+ }
}
// Contains the code to be fuzzed. Called by the fuzzing library with
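Review bot: The `@catch (...)` around `serializer.DecodeFieldValue(data, size)` in `FuzzTestDeserialization` discards every exception, so an internal assertion or invariant failure raised as an exception on malformed input looks the same as an expected parse rejection and is never reported by the fuzzer. The hunk does not show how the decoder signals bad input. If there is a single defined rejection path, catch only that type and let everything else propagate so libFuzzer records a crash with the offending input. At minimum, make the comment name what is expected, e.g. `// Expected: <exception type raised for malformed input>; any other exception indicates a bug.` Separately, `database_id` and `serializer` are rebuilt on every call; if `Serializer` keeps no per-decode state (to be confirmed), declaring both `static` would avoid that setup cost per input.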