diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/data_fuzz_parse/basic.xml | 1 | ||||
| -rw-r--r-- | tests/data_fuzz_parse/doctype.xml | 1 | ||||
| -rw-r--r-- | tests/data_fuzz_parse/refs.xml | 1 | ||||
| -rw-r--r-- | tests/data_fuzz_parse/types.xml | 1 | ||||
| -rw-r--r-- | tests/data_fuzz_parse/utf16.xml | bin | 0 -> 700 bytes | |||
| -rw-r--r-- | tests/data_fuzz_parse/utf32.xml | bin | 0 -> 652 bytes | |||
| -rw-r--r-- | tests/fuzz_parse.cpp | 16 | ||||
| -rw-r--r-- | tests/test_parse.cpp | 14 |
8 files changed, 34 insertions, 0 deletions
diff --git a/tests/data_fuzz_parse/basic.xml b/tests/data_fuzz_parse/basic.xml new file mode 100644 index 0000000..a8eaa09 --- /dev/null +++ b/tests/data_fuzz_parse/basic.xml @@ -0,0 +1 @@ +<node attr="value" />
\ No newline at end of file diff --git a/tests/data_fuzz_parse/doctype.xml b/tests/data_fuzz_parse/doctype.xml new file mode 100644 index 0000000..dd1831d --- /dev/null +++ b/tests/data_fuzz_parse/doctype.xml @@ -0,0 +1 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE [ <!ELEMENT p (#PCDATA|emph)* > ]>
<!DOCTYPE foo [ <![INCLUDE[<!ATTLIST foo bar CDATA #IMPLIED>]]> <![IGNORE[some junk]]> ]>
<!DOCTYPE root [ <!ELEMENT a EMPTY> <!ATTLIST a attr1 CDATA "&ge1;"> <!--* GE reference in attr default before declaration *--> <!ENTITY ge1 "abcdef"> ]>
<node/>
\ No newline at end of file diff --git a/tests/data_fuzz_parse/refs.xml b/tests/data_fuzz_parse/refs.xml new file mode 100644 index 0000000..e42df5f --- /dev/null +++ b/tests/data_fuzz_parse/refs.xml @@ -0,0 +1 @@ +<?xml version='1.0'?>
<node enc='< > & " '  «'>
pcdata < > & " '  «
&unknown; %entity;
</node>
\ No newline at end of file diff --git a/tests/data_fuzz_parse/types.xml b/tests/data_fuzz_parse/types.xml new file mode 100644 index 0000000..dc6369a --- /dev/null +++ b/tests/data_fuzz_parse/types.xml @@ -0,0 +1 @@ +<?xml version='1.0'?>
<!DOCTYPE html>
<node attr="value">
<child/>
pcdata
<![CDATA[ test ]]>
<!-- comment - -->
<?pi value?>
</node>
\ No newline at end of file diff --git a/tests/data_fuzz_parse/utf16.xml b/tests/data_fuzz_parse/utf16.xml Binary files differnew file mode 100644 index 0000000..3847a93 --- /dev/null +++ b/tests/data_fuzz_parse/utf16.xml diff --git a/tests/data_fuzz_parse/utf32.xml b/tests/data_fuzz_parse/utf32.xml Binary files differnew file mode 100644 index 0000000..51b8a89 --- /dev/null +++ b/tests/data_fuzz_parse/utf32.xml diff --git a/tests/fuzz_parse.cpp b/tests/fuzz_parse.cpp new file mode 100644 index 0000000..e758196 --- /dev/null +++ b/tests/fuzz_parse.cpp @@ -0,0 +1,16 @@ +#include "../src/pugixml.hpp" +#include "allocator.hpp" + +int main(int argc, const char** argv) +{ + pugi::set_memory_management_functions(memory_allocate, memory_deallocate); + + pugi::xml_document doc; + + for (int i = 1; i < argc; ++i) + { + doc.load_file(argv[i]); + doc.load_file(argv[i], pugi::parse_minimal); + doc.load_file(argv[i], pugi::parse_full); + } +} diff --git a/tests/test_parse.cpp b/tests/test_parse.cpp index 1b1e807..7bb2663 100644 --- a/tests/test_parse.cpp +++ b/tests/test_parse.cpp @@ -1091,3 +1091,17 @@ TEST(parse_close_tag_eof) CHECK(doc.load_buffer_inplace(test2, 12 * sizeof(char_t)).status == status_end_element_mismatch); CHECK_STRING(doc.first_child().name(), STR("node")); } + +TEST(parse_fuzz_doctype) +{ + unsigned char data[] = + { + 0x3b, 0x3c, 0x21, 0x44, 0x4f, 0x43, 0x54, 0x59, 0x50, 0x45, 0xef, 0xbb, 0xbf, 0x3c, 0x3f, 0x78, + 0x6d, 0x6c, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31, 0x2e, 0x30, 0x22, + 0x3f, 0x3e, 0x3c, 0x21, 0x2d, 0x2d, 0x20, 0xe9, 0x80, 0xb1, 0xe5, 0xa0, 0xb1, 0xe3, 0x82, 0xb4, + 0xe3, 0x83, 0xb3, 0x20, 0xef, 0x83, 0x97, 0xe3, 0xa9, 0x2a, 0x20, 0x2d, 0x2d, 0x3e + }; + + xml_document doc; + CHECK(doc.load_buffer(data, sizeof(data)).status == status_bad_doctype); +} |