| // Copyright 2016 The Chromimum Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include <cstdint> |
| |
| #include "base/test/fuzzed_data_provider.h" |
| #include "third_party/sfntly/src/cpp/src/sample/chromium/font_subsetter.h" |
| |
| extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
| constexpr int kMaxFontNameSize = 128; |
| constexpr int kMaxFontSize = 50 * 1024 * 1024; |
| base::FuzzedDataProvider fuzzed_data(data, size); |
| |
| size_t font_name_size = fuzzed_data.ConsumeUint32InRange(0, kMaxFontNameSize); |
| base::StringPiece font_name = fuzzed_data.ConsumeBytes(font_name_size); |
| |
| size_t font_str_size = fuzzed_data.ConsumeUint32InRange(0, kMaxFontSize); |
| base::StringPiece font_str = fuzzed_data.ConsumeBytes(font_str_size); |
| const unsigned char* font_data = |
| reinterpret_cast<const unsigned char*>(font_str.data()); |
| |
| base::StringPiece glyph_ids_str = fuzzed_data.ConsumeRemainingBytes(); |
| const unsigned int* glyph_ids = |
| reinterpret_cast<const unsigned int*>(glyph_ids_str.data()); |
| size_t glyph_ids_size = |
| glyph_ids_str.size() * sizeof(char) / sizeof(unsigned int); |
| |
| unsigned char* output = nullptr; |
| SfntlyWrapper::SubsetFont(font_name.data(), font_data, font_str_size, |
| glyph_ids, glyph_ids_size, &output); |
| delete[] output; |
| return 0; |
| } |