-rw-r--r-- | test/core/json/fuzzer.c | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/test/core/json/fuzzer.c b/test/core/json/fuzzer.c
index 65f89e64a4..9f430a0dca 100644
--- a/test/core/json/fuzzer.c
+++ b/test/core/json/fuzzer.c
@@ -38,13 +38,52 @@
 #include "src/core/lib/json/json.h"
+static size_t g_total_size = 0;
+static gpr_allocation_functions g_old_allocs;
+
+void *guard_malloc(size_t size) {
+ size_t *ptr;
+ g_total_size += size;
+ ptr = g_old_allocs.malloc(size + sizeof(size));
+ *ptr++ = size;
+ return ptr;
+}
+
+void *guard_realloc(void *ptr, size_t size) {
+ size_t *ptr = vptr;
+ --ptr;
+ g_total_size -= *ptr;
+ ptr = g_old_allocs.realloc(ptr, size + sizeof(size));
+ g_total_size += size;
+ *ptr++ = size;
+ return ptr;
+}
+
+void *guard_free(void *vptr) {
+ size_t *ptr = vptr;
+ --ptr;
+ g_total_size -= *ptr;
+ g_old_allocs.free(ptr);
+}
+
+struct gpr_allocation_functions g_guard_allocs = {
+ guard_malloc,
+ guard_realloc,
+ guard_free
+};
+
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- char *s = gpr_malloc(size);
+ char *s;
+ g_old_allocs = gpr_get_allocation_functions();
+ gpr_set_allocation_functions(g_guard_allocs);
+ s = gpr_malloc(size);
 memcpy(s, data, size);
 grpc_json *x;
 if ((x = grpc_json_parse_string_with_len(s, size))) {
 grpc_json_destroy(x);
 }
 gpr_free(s);
+ gpr_set_allocation_functions(g_old_allocs);
+ GPR_ASSERT(g_total_size == 0);
 return 0;
 }
|
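Review bot: `guard_realloc` as added cannot compile, because its parameter is named `ptr` while the body opens with `size_t *ptr = vptr;` (the parameter should be `void *vptr`), and `guard_free` is declared `void *` yet returns nothing. All three wrappers also reach the size header without a NULL check: `guard_realloc` and `guard_free` do `--ptr` on a NULL argument, and `guard_malloc` and `guard_realloc` store `*ptr++ = size` into an unchecked allocator result, with `size + sizeof(size)` able to wrap. This harness exists to surface memory errors in the JSON parser, so undefined behaviour inside the guard would show up as fuzzer crashes attributed to the code under test. The fence is a sketch of the three wrappers only; whether the free slot of the allocation-functions struct expects a `void` return is not visible in this hunk, and the `size_t` header may also reduce the alignment callers get from the underlying malloc.

```c
/* … unchanged: g_total_size, g_old_allocs … */
void *guard_malloc(size_t size) {
  size_t *ptr;
  if (size > SIZE_MAX - sizeof(size)) return NULL; /* header add would wrap */
  ptr = g_old_allocs.malloc(size + sizeof(size));
  if (ptr == NULL) return NULL;
  g_total_size += size; /* count only allocations that succeeded */
  *ptr++ = size;
  return ptr;
}

void *guard_realloc(void *vptr, size_t size) {
  size_t *ptr = vptr;
  size_t old_size;
  if (vptr == NULL) return guard_malloc(size);
  if (size > SIZE_MAX - sizeof(size)) return NULL;
  --ptr;
  old_size = *ptr;
  ptr = g_old_allocs.realloc(ptr, size + sizeof(size));
  if (ptr == NULL) return NULL; /* old block is still live and still counted */
  g_total_size -= old_size;
  g_total_size += size;
  *ptr++ = size;
  return ptr;
}

void guard_free(void *vptr) {
  size_t *ptr = vptr;
  if (vptr == NULL) return;
  --ptr;
  g_total_size -= *ptr;
  g_old_allocs.free(ptr);
}
/* … unchanged: g_guard_allocs, LLVMFuzzerTestOneInput … */
```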