1 /*
2  * Copyright 2016 Google Inc.
3  *
4  * Use of this source code is governed by a BSD-style license that can be
5  * found in the LICENSE file.
6  */
7 
8 #include "Fuzz.h"
9 #include "SkString.h"
10 #include "SkParsePath.h"
11 #include <stdlib.h>
12 
13 // Most of this is taken from random_parse_path.cpp and adapted to use the Fuzz
14 // instead of SKRandom
15 
16 const struct Legal {
17     char fSymbol;
18     int fScalars;
19 } gLegal[] = {
20     { 'M', 2 },
21     { 'H', 1 },
22     { 'V', 1 },
23     { 'L', 2 },
24     { 'Q', 4 },
25     { 'T', 2 },
26     { 'C', 6 },
27     { 'S', 4 },
28     { 'A', 4 },
29     { 'Z', 0 },
30 };
31 
32 bool gEasy = false;  // set to true while debugging to suppress unusual whitespace
33 
34 // mostly do nothing, then bias towards spaces
35 const char gWhiteSpace[] = { 0, 0, 0, 0, 0, 0, 0, 0, ' ', ' ', ' ', ' ', 0x09, 0x0D, 0x0A };
36 
add_white(Fuzz * fuzz,SkString * atom)37 static void add_white(Fuzz* fuzz, SkString* atom) {
38     if (gEasy) {
39         atom->append(" ");
40         return;
41     }
42     int reps = fuzz->nextRangeU(0, 2);
43     for (int rep = 0; rep < reps; ++rep) {
44         int index = fuzz->nextRangeU(0, (int) SK_ARRAY_COUNT(gWhiteSpace) - 1);
45         if (gWhiteSpace[index]) {
46             atom->append(&gWhiteSpace[index], 1);
47         }
48     }
49 }
50 
add_comma(Fuzz * fuzz,SkString * atom)51 static void add_comma(Fuzz* fuzz, SkString* atom) {
52     if (gEasy) {
53         atom->append(",");
54         return;
55     }
56     size_t count = atom->size();
57     add_white(fuzz, atom);
58     if (fuzz->nextBool()) {
59         atom->append(",");
60     }
61     do {
62         add_white(fuzz, atom);
63     } while (count == atom->size());
64 }
65 
add_some_white(Fuzz * fuzz,SkString * atom)66 static void add_some_white(Fuzz* fuzz, SkString* atom) {
67     size_t count = atom->size();
68     do {
69         add_white(fuzz, atom);
70     } while (count == atom->size());
71 }
72 
MakeRandomParsePathPiece(Fuzz * fuzz)73 SkString MakeRandomParsePathPiece(Fuzz* fuzz) {
74     SkString atom;
75     int index = fuzz->nextRangeU(0, (int) SK_ARRAY_COUNT(gLegal) - 1);
76     const Legal& legal = gLegal[index];
77     gEasy ? atom.append("\n") : add_white(fuzz, &atom);
78     char symbol = legal.fSymbol | (fuzz->nextBool() ? 0x20 : 0);
79     atom.append(&symbol, 1);
80     int reps = fuzz->nextRangeU(1, 3);
81     for (int rep = 0; rep < reps; ++rep) {
82         for (int index = 0; index < legal.fScalars; ++index) {
83             SkScalar coord = fuzz->nextRangeF(0, 100);
84             add_white(fuzz, &atom);
85             atom.appendScalar(coord);
86             if (rep < reps - 1 && index < legal.fScalars - 1) {
87                 add_comma(fuzz, &atom);
88             } else {
89                 add_some_white(fuzz, &atom);
90             }
91             if ('A' == legal.fSymbol && 1 == index) {
92                 atom.appendScalar(fuzz->nextRangeF(-720, 720));
93                 add_comma(fuzz, &atom);
94                 atom.appendU32(fuzz->nextRangeU(0, 1));
95                 add_comma(fuzz, &atom);
96                 atom.appendU32(fuzz->nextRangeU(0, 1));
97                 add_comma(fuzz, &atom);
98             }
99         }
100     }
101     return atom;
102 }
103 
DEF_FUZZ(ParsePath,fuzz)104 DEF_FUZZ(ParsePath, fuzz) {
105     SkPath path;
106     SkString spec;
107     uint32_t count = fuzz->nextRangeU(0, 40);
108     for (uint32_t i = 0; i < count; ++i) {
109         spec.append(MakeRandomParsePathPiece(fuzz));
110     }
111     SkDebugf("SkParsePath::FromSVGString(%s, &path);\n",spec.c_str());
112     if (!SkParsePath::FromSVGString(spec.c_str(), &path)){
113         fuzz->signalBug();
114     }
115 }
116