Fuzzers: Skip trying to parse invalid UTF-8 in LibJS Fuzzers

Invalid UTF-8 crashes JS::Script::Parse.
Author: https://github.com/ADKaster Commit: https://github.com/SerenityOS/serenity/commit/cabc99e953 Pull-request: https://github.com/SerenityOS/serenity/pull/17901
2024-09-30 00:31:14 +00:00 · 2023-03-17 12:59:56 -06:00 · 2023-03-17 12:59:56 -06:00 · cabc99e953 · 2024-07-17 08:35:21 +09:00
parent f7d2392b6c
commit cabc99e953
2 changed files with 12 additions and 5 deletions
--- a/Meta/Lagom/Fuzzers/FuzzJs.cpp
+++ b/Meta/Lagom/Fuzzers/FuzzJs.cpp
@ -15,6 +15,9 @@
 extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
 {
    auto js = StringView(static_cast<unsigned char const*>(data), size);
+    // FIXME: https://github.com/SerenityOS/serenity/issues/17899
+    if (!Utf8View(js).validate())
+        return 0;
    auto vm = MUST(JS::VM::create());
    auto interpreter = JS::Interpreter::create<JS::GlobalObject>(*vm);
    auto parse_result = JS::Script::parse(js, interpreter->realm());
--- a/Meta/Lagom/Fuzzers/FuzzilliJs.cpp
+++ b/Meta/Lagom/Fuzzers/FuzzilliJs.cpp
@ -210,6 +210,10 @@ int main(int, char**)

        auto js = StringView(static_cast<unsigned char const*>(data_buffer.data()), script_size);

+        // FIXME: https://github.com/SerenityOS/serenity/issues/17899
+        if (!UTF8View(js).validate()) {
+            result = 1;
+        } else {
            auto parse_result = JS::Script::parse(js, interpreter->realm());
            if (parse_result.is_error()) {
                result = 1;
@ -219,7 +223,7 @@ int main(int, char**)
                    result = 1;
                }
            }
-
+        }
        fflush(stdout);
        fflush(stderr);