authorRobert Loehning <robert.loehning@qt.io>2018-11-12 14:27:00 +0100
committerRobert Loehning <robert.loehning@qt.io>2019-04-23 09:40:52 +0000
commitebc45299ccf4750cfc0b93c39a60f94b7ec4ea7f (patch)
treee4ae56fd81c696d736d01d7162cd940f9481da30 /tests
parent0cf8e2fb974370fd6d370f92fa22fa2245bcebb0 (diff)
Add libfuzzer test for QJSEngine::evaluate()
Task-number: QTBUG-72734 Task-number: QTBUG-73985 Task-number: QTBUG-73999 Task-number: QTBUG-74048 Task-number: QTBUG-74058 Change-Id: I6cd99e31220e96b24338f5daa80d6f726ea33812 Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Diffstat (limited to 'tests')
-rw-r--r--tests/libfuzzer/qml/jsapi/evaluate/evaluate.pro6
-rw-r--r--tests/libfuzzer/qml/jsapi/evaluate/main.cpp43
2 files changed, 49 insertions, 0 deletions
diff --git a/tests/libfuzzer/qml/jsapi/evaluate/evaluate.pro b/tests/libfuzzer/qml/jsapi/evaluate/evaluate.pro
new file mode 100644
index 0000000000..301b4f606a
--- /dev/null
+++ b/tests/libfuzzer/qml/jsapi/evaluate/evaluate.pro
@@ -0,0 +1,6 @@
+QT -= gui
+QT += qml
+CONFIG += console
+CONFIG -= app_bundle
+SOURCES += main.cpp
+LIBS += -fsanitize=fuzzer
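Review bot: The `LIBS += -fsanitize=fuzzer` line only links the libFuzzer driver; nothing in this project file compiles with coverage instrumentation or a memory-error sanitizer. The harness therefore presumably depends on the Qt libraries themselves having been built that way, and without it the fuzzer gets no coverage feedback from QJSEngine and silent memory corruption goes unreported. That requirement should be stated next to the flag, for example `# Needs a Qt build instrumented for fuzzing (e.g. -fsanitize=fuzzer-no-link,address); this file only links the libFuzzer driver.`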
diff --git a/tests/libfuzzer/qml/jsapi/evaluate/main.cpp b/tests/libfuzzer/qml/jsapi/evaluate/main.cpp
new file mode 100644
index 0000000000..9e90ba7cbd
--- /dev/null
+++ b/tests/libfuzzer/qml/jsapi/evaluate/main.cpp
@@ -0,0 +1,43 @@
+/****************************************************************************
+**
+** Copyright (C) 2018 The Qt Company Ltd.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the test suite of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL-EXCEPT$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 as published by the Free Software
+** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include <QCoreApplication>
+#include <QJSEngine>
+
+// libfuzzer test for QJSEngine::evaluate()
+
+extern "C" int LLVMFuzzerTestOneInput(const char *Data, size_t Size) {
+ const QByteArray ba(Data, Size);
+ // avoid potential endless loops
+ if (ba.contains("for") || ba.contains("while"))
+ return 1;
+ int c = 0;
+ QCoreApplication a(c, nullptr);
+ QJSEngine().evaluate(ba);
+ return 0;
+}
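Review bot: The early exit on `for`/`while` returns `1`, a value libFuzzer reserves, and it shrinks what the fuzzer can reach. Every input containing those substrings (including `forEach` or a string literal) is discarded, so the engine's loop handling is never exercised, while scripts that recurse or assemble the keyword at run time can still fail to terminate. Returning `0` there and bounding run time with libFuzzer's `-timeout` option would be more reliable than substring matching. Separately, `QCoreApplication a(c, nullptr)` is constructed for every input with `argc == 0` and a null `argv`, although Qt documents that argc must be greater than zero and argv must hold at least one valid string. A function-local static application object with a real argv satisfies that contract and removes the per-input setup cost.

```cpp
extern "C" int LLVMFuzzerTestOneInput(const char *Data, size_t Size) {
    // Built once for the whole run; Qt requires argc >= 1 and a valid argv[0].
    static int argc = 1;
    static char arg0[] = "fuzzer";
    static char *argv[] = { arg0, nullptr };
    static QCoreApplication app(argc, argv);
    // … unchanged: QByteArray construction …
    // avoid potential endless loops
    if (ba.contains("for") || ba.contains("while"))
        return 0; // other return values are reserved by libFuzzer
    // … unchanged: QJSEngine().evaluate(ba); return 0; …
```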