From f6b10fbe4ad7d0e5b3edace36fc4c5196e0f164a Mon Sep 17 00:00:00 2001 From: Benjamin Wright Date: Tue, 11 Dec 2018 16:35:04 -0800 Subject: [PATCH] Basic fuzzing of rtc::s_url_decode. rtc::s_url_decode internally calls transform on rtc::url_decode which operates on raw char buffers. This is used in some core parts of ice server parsing so it makes sense to add at least a basic fuzzer here. Corpus generation will be tailored in a future CL. Bug: webrtc:10117 Change-Id: If1685601c746c4a9f88c2a8d396eeb3f1b1688d4 Reviewed-on: https://webrtc-review.googlesource.com/c/113835 Commit-Queue: Benjamin Wright Reviewed-by: Henrik Lundin Cr-Commit-Position: refs/heads/master@{#25980}
---
 test/fuzzers/BUILD.gn | 9 +++++++++ test/fuzzers/url_decode_fuzzer.cc | 25 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 test/fuzzers/url_decode_fuzzer.cc
diff --git a/test/fuzzers/BUILD.gn b/test/fuzzers/BUILD.gn
index 43de5f998c..85bf373624 100644
--- a/test/fuzzers/BUILD.gn
+++ b/test/fuzzers/BUILD.gn
@@ -544,3 +544,12 @@ webrtc_fuzzer_test("frame_buffer2_fuzzer") {
 "../../system_wrappers:system_wrappers",
 ]
 }
+
+webrtc_fuzzer_test("url_decode_fuzzer") {
+ sources = [
+ "url_decode_fuzzer.cc",
+ ]
+ deps = [
+ "../../rtc_base:rtc_base_approved",
+ ]
+}
diff --git a/test/fuzzers/url_decode_fuzzer.cc b/test/fuzzers/url_decode_fuzzer.cc
new file mode 100644
index 0000000000..d47e88d852
--- /dev/null
+++ b/test/fuzzers/url_decode_fuzzer.cc
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2018 The WebRTC project authors. All Rights Reserved.
+ *
+ * Use of this source code is governed by a BSD-style license
+ * that can be found in the LICENSE file in the root of the source
+ * tree. An additional intellectual property rights grant can be found
+ * in the file PATENTS. All contributing project authors may
+ * be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include
+#include
+#include
+
+#include "rtc_base/stringencode.h"
+
+namespace webrtc {
+
+// Fuzz s_url_decode which is used in ice server parsing.
+void FuzzOneInput(const uint8_t* data, size_t size) {
+ std::string url(reinterpret_cast(data), size);
+ rtc::s_url_decode(url);
+}
+
+} // namespace webrtc
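Review bot: FuzzOneInput discards the result of `rtc::s_url_decode(url)`, so this target can only report what a sanitizer happens to catch and has no oracle of its own. A cheap invariant is that percent-decoding should never grow the string: `RTC_CHECK_LE(rtc::s_url_decode(url).size(), url.size());` (this needs `rtc_base/checks.h`). Going by the commit message, the wrapper reaches `rtc::url_decode` with a buffer it sizes itself, so the raw function's buffer-length handling is probably exercised with only one output size per input. A follow-up target that calls the raw-buffer function with a fuzz-chosen output length would cover that path, and the comment above FuzzOneInput could state the limitation until then.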