Add guidance for oss-fuzzer for new path version

This only changes it for the oss-fuzz executable which allows our normal fuzz executable to repro on older versions, if needed. This CL also accompanies additions to the corpus of a bunch of v4 paths. Bug: skia: Change-Id: I4a1a3b27f48423f2bddc73e1b8bf63b82dfa59ff Reviewed-on: https://skia-review.googlesource.com/109560 Reviewed-by: Mike Klein <mtklein@chromium.org> Commit-Queue: Kevin Lubick <kjlubick@google.com>
author: Kevin Lubick <kjlubick@google.com> 2018-02-22 15:49:31 -0500
committer: Skia Commit-Bot <skia-commit-bot@chromium.org> 2018-02-23 13:35:37 +0000
commit: 37c0f7183ebc9fb44aed8a6366760efaf52c86dd (patch)
tree: 4536c4d7f114756b7e7245a87489609e0a51e724 /fuzz
parent: 9af35244ce13a6624f0838bcef28a66c0d60a3b6 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/fuzz/oss_fuzz/FuzzPathDeserialize.cpp b/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
index b18f719f4f..0584d31e5b 100644
--- a/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
+++ b/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
@@ -28,6 +28,17 @@ void FuzzPathDeserialize(SkReadBuffer& buf) {
 
 #if defined(IS_FUZZING_WITH_LIBFUZZER)
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+    if (size < 4) {
+        return 0;
+    }
+    uint32_t packed;
+    memcpy(&packed, data, 4);
+    unsigned version = packed & 0xFF;
+    if (version != 4) {
+        // Chrome only will produce version 4, so guide the fuzzer to
+        // only focus on those branches.
+        return 0;
+    }
     SkReadBuffer buf(data, size);
     FuzzPathDeserialize(buf);
     return 0;
author	Kevin Lubick <kjlubick@google.com>	2018-02-22 15:49:31 -0500
committer	Skia Commit-Bot <skia-commit-bot@chromium.org>	2018-02-23 13:35:37 +0000
commit	37c0f7183ebc9fb44aed8a6366760efaf52c86dd (patch)
tree	4536c4d7f114756b7e7245a87489609e0a51e724 /fuzz
parent	9af35244ce13a6624f0838bcef28a66c0d60a3b6 (diff)