Fix amf3 fuzz cases

ruffle-rs · Jul 5, 2024 · 99b16db · 99b16db
1 parent c18e856
commit 99b16db
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 7 deletions.
diff --git a/flash-lso/src/amf3/read.rs b/flash-lso/src/amf3/read.rs
@@ -21,6 +21,12 @@ use std::rc::Rc;
 
 const REFERENCE_FLAG: u32 = 0x01;
 
+#[cfg(fuzzing)]
+/// For fuzzing
+pub fn fuzz_read_int_signed(i: &[u8]) -> AMFResult<'_, i32> {
+    read_int_signed(i)
+}
+
 #[allow(clippy::unusual_byte_groupings)]
 fn read_int_signed(i: &[u8]) -> AMFResult<'_, i32> {
     // Read the first byte of the number
@@ -51,6 +57,12 @@ fn read_int_signed(i: &[u8]) -> AMFResult<'_, i32> {
     Ok((i, value))
 }
 
+#[cfg(fuzzing)]
+/// For fuzzing
+pub fn fuzz_read_int(i: &[u8]) -> AMFResult<'_, u32> {
+    read_int(i)
+}
+
 #[allow(clippy::unusual_byte_groupings)]
 fn read_int(i: &[u8]) -> AMFResult<'_, u32> {
     // Read the first byte of the number
@@ -158,6 +170,12 @@ impl AMF3Decoder {
         Ok((i, Rc::new(s)))
     }
 
+    #[cfg(fuzzing)]
+    /// For fuzzing
+    pub fn fuzz_parse_string<'a>(&mut self, i: &'a [u8]) -> AMFResult<'a, String> {
+        self.parse_string(i)
+    }
+
     fn parse_string<'a>(&mut self, i: &'a [u8]) -> AMFResult<'a, String> {
         let (i, bytes) = self.parse_byte_stream(i)?;
         let bytes_str =

diff --git a/fuzz/fuzz_targets/fuzz_amf0_header.rs b/fuzz/fuzz_targets/fuzz_amf0_header.rs
@@ -4,5 +4,5 @@ use libfuzzer_sys::fuzz_target;
 use flash_lso::read::Reader;
 
 fuzz_target!(|data: &[u8]| {
-    Reader::default().parse_header(data);
+    let _ = Reader::default().parse_header(data);
 });
diff --git a/fuzz/fuzz_targets/fuzz_amf3_int_signed.rs b/fuzz/fuzz_targets/fuzz_amf3_int_signed.rs
@@ -1,8 +1,8 @@
 #![no_main]
 use libfuzzer_sys::fuzz_target;
 
-use amf::amf3;
+use flash_lso::amf3::read::fuzz_read_int_signed;
 
 fuzz_target!(|data: &[u8]| {
-    amf3::read_int_signed(data);
+    let _ = fuzz_read_int_signed(data);
 });
diff --git a/fuzz/fuzz_targets/fuzz_amf3_int_unsigned.rs b/fuzz/fuzz_targets/fuzz_amf3_int_unsigned.rs
@@ -1,8 +1,8 @@
 #![no_main]
 use libfuzzer_sys::fuzz_target;
 
-use amf::amf3;
+use flash_lso::amf3::read::fuzz_read_int;
 
 fuzz_target!(|data: &[u8]| {
-    amf3::read_int(data);
+    let _ = fuzz_read_int(data);
 });
diff --git a/fuzz/fuzz_targets/fuzz_amf3_string.rs b/fuzz/fuzz_targets/fuzz_amf3_string.rs
@@ -1,8 +1,8 @@
 #![no_main]
 use libfuzzer_sys::fuzz_target;
 
-use amf::amf3;
+use flash_lso::amf3;
 
 fuzz_target!(|data: &[u8]| {
-    amf3::parse_string(data);
+    let _ = amf3::read::AMF3Decoder::default().fuzz_parse_string(data);
 });