From 37c0f7183ebc9fb44aed8a6366760efaf52c86dd Mon Sep 17 00:00:00 2001
From: Kevin Lubick
Date: Thu, 22 Feb 2018 15:49:31 -0500
Subject: Add guidance for oss-fuzzer for new path version

This only changes it for the oss-fuzz executable which allows our normal fuzz executable to repro on older versions, if needed. This CL also accompanies additions to the corpus of a bunch of v4 paths.

Bug: skia:
Change-Id: I4a1a3b27f48423f2bddc73e1b8bf63b82dfa59ff
Reviewed-on: https://skia-review.googlesource.com/109560
Reviewed-by: Mike Klein
Commit-Queue: Kevin Lubick
---
 fuzz/oss_fuzz/FuzzPathDeserialize.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'fuzz/oss_fuzz')

diff --git a/fuzz/oss_fuzz/FuzzPathDeserialize.cpp b/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
index b18f719f4f..0584d31e5b 100644
--- a/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
+++ b/fuzz/oss_fuzz/FuzzPathDeserialize.cpp
@@ -28,6 +28,17 @@ void FuzzPathDeserialize(SkReadBuffer& buf) {
 #if defined(IS_FUZZING_WITH_LIBFUZZER)
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size < 4) {
+ return 0;
+ }
+ uint32_t packed;
+ memcpy(&packed, data, 4);
+ unsigned version = packed & 0xFF;
+ if (version != 4) {
+ // Chrome only will produce version 4, so guide the fuzzer to
+ // only focus on those branches.
+ return 0;
+ }
 SkReadBuffer buf(data, size);
 FuzzPathDeserialize(buf);
 return 0;
-- 
cgit v1.2.3
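Review bot: The version gate in LLVMFuzzerTestOneInput hard-codes both the width of the header field and the accepted value: `if (size < sizeof packed)` and `memcpy(&packed, data, sizeof packed);` tie the guard to the copy, and the literal `4` should be a named constant that follows the serializer's current path version (placeholder `kCurrentPathVersion`), so a future format bump updates this filter instead of silently turning every input into an early return. The in-code comment should also say what only the commit message says now — that pre-v4 inputs are deliberately dropped here and remain exercised by the standalone fuzz executable — e.g. `// Older versions are still covered by the non-oss-fuzz fuzz binary.`, since a reader of this file alone would otherwise assume older deserialization paths are still fuzzed. Extracting the version as `packed & 0xFF` after a native-endian memcpy presumably mirrors how the path serializer packs its header; if the version byte sits at a fixed wire offset, reading `data[0]` would make the check host-independent, which is worth confirming against the serializer. The function's closing brace falls outside the hunk as shown.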