1 // SPDX-License-Identifier: Apache-2.0
2 
3 #include <stddef.h>
4 #include <stdint.h>
5 
6 #include <ziparchive/zip_writer.h>
7 #include "fuzzer/FuzzedDataProvider.h"
8 
9 // See current fuzz coverage here:
10 // https://android-coverage.googleplex.com/fuzz_targets/libziparchive_writer_fuzzer/index.html
11 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)12 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
13   FuzzedDataProvider provider(data, size);
14 
15   std::unique_ptr<std::FILE, decltype(&fclose)> fp(fopen("fuzz", "wb"),
16                                                    &fclose);
17   if (!fp) {
18     return 0;
19   }
20   ZipWriter writer(fp.get());
21   for (int i = 0; i < 2; i++) {
22     if (provider.remaining_bytes() == 0) {
23       break;
24     }
25     auto path = provider.ConsumeRandomLengthString();
26     if (writer.StartEntry(path, path.size()) == 0) {
27       for (int j = 0; j < 2; j++) {
28         if (provider.remaining_bytes() == 0) {
29           break;
30         }
31         const size_t next_size = provider.ConsumeIntegralInRange<size_t>(
32             0, provider.remaining_bytes());
33         auto next_buf = provider.ConsumeBytes<uint8_t>(next_size);
34         writer.WriteBytes(next_buf.data(), next_buf.size());
35       }
36       writer.FinishEntry();
37     }
38   }
39   writer.Finish();
40   return 0;
41 }
42