From cd57dae62ff80ad371ebcb3fe63731ebbf7ef808 Mon Sep 17 00:00:00 2001
From: Robert Loehning
Date: Fri, 20 Mar 2020 11:54:14 +0100
Subject: [PATCH] Fuzzing: Add QGuiApplication to gui fuzz targets
Change-Id: I3713701f63d9d8938fbb42ad1ae2f0c4ae813e94
Reviewed-by: Shawn Rutledge
---
 .../qcolorspace/fromiccprofile/fromiccprofile.pro | 1 +
 .../gui/painting/qcolorspace/fromiccprofile/main.cpp | 8 ++++++--
 .../libfuzzer/gui/text/qtextdocument/sethtml/main.cpp | 10 +++++++---
 .../gui/text/qtextdocument/sethtml/sethtml.pro | 3 ++-
 .../gui/text/qtextdocument/setmarkdown/main.cpp | 7 +++++++
 .../gui/text/qtextdocument/setmarkdown/setmarkdown.pro | 4 ++--
 .../gui/text/qtextlayout/beginlayout/beginlayout.pro | 3 ++-
 .../gui/text/qtextlayout/beginlayout/main.cpp | 7 +++++++
 8 files changed, 34 insertions(+), 9 deletions(-)
diff --git a/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro
index 934ff810773..bed2198e0dc 100644
--- a/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro
+++ b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro
@@ -1,4 +1,5 @@
 QT += gui
+QTPLUGIN *= qminimal
 SOURCES += main.cpp
 FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
 isEmpty(FUZZ_ENGINE) {
diff --git a/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp
index 7681c1468e5..f663727d1a5 100644
--- a/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp
+++ b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp
@@ -34,8 +34,12 @@
 // to reduce noise and increase speed.
 extern "C" int LLVMFuzzerTestOneInput(const char *data, size_t size) {
- static int c = 0;
- static QGuiApplication a(c, nullptr);
+ static int argc = 3;
+ static char arg1[] = "fuzzer";
+ static char arg2[] = "-platform";
+ static char arg3[] = "minimal";
+ static char *argv[] = {arg1, arg2, arg3, nullptr};
+ static QGuiApplication qga(argc, argv);
 QColorSpace cs = QColorSpace::fromIccProfile(QByteArray::fromRawData(data, size));
 return 0;
 }
diff --git a/tests/libfuzzer/gui/text/qtextdocument/sethtml/main.cpp b/tests/libfuzzer/gui/text/qtextdocument/sethtml/main.cpp
index 51fa3c9e0fb..ed2a5c4e373 100644
--- a/tests/libfuzzer/gui/text/qtextdocument/sethtml/main.cpp
+++ b/tests/libfuzzer/gui/text/qtextdocument/sethtml/main.cpp
@@ -26,12 +26,16 @@
 **
 ****************************************************************************/
-#include
+#include
 #include
 extern "C" int LLVMFuzzerTestOneInput(const char *Data, size_t Size) {
- static int c = 0;
- static QApplication a(c, nullptr);
+ static int argc = 3;
+ static char arg1[] = "fuzzer";
+ static char arg2[] = "-platform";
+ static char arg3[] = "minimal";
+ static char *argv[] = {arg1, arg2, arg3, nullptr};
+ static QGuiApplication qga(argc, argv);
 QTextDocument().setHtml(QByteArray::fromRawData(Data, Size));
 return 0;
 }
diff --git a/tests/libfuzzer/gui/text/qtextdocument/sethtml/sethtml.pro b/tests/libfuzzer/gui/text/qtextdocument/sethtml/sethtml.pro
index af5ef9e940e..bed2198e0dc 100644
--- a/tests/libfuzzer/gui/text/qtextdocument/sethtml/sethtml.pro
+++ b/tests/libfuzzer/gui/text/qtextdocument/sethtml/sethtml.pro
@@ -1,4 +1,5 @@
-QT += widgets
+QT += gui
+QTPLUGIN *= qminimal
 SOURCES += main.cpp
 FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
 isEmpty(FUZZ_ENGINE) {
diff --git a/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/main.cpp b/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/main.cpp
index 66ddf738f20..6093da9827d 100644
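Review bot: The new `argc`/`argv` statics in `LLVMFuzzerTestOneInput` (fromiccprofile/main.cpp) depend on a lifetime rule that the code never states: `QGuiApplication` takes `argc` by reference and Qt documents that the data behind `argc` and `argv` must stay valid for the lifetime of the application object. Since `qga` is itself a function-local static that lives until process exit, a later cleanup that turns `argc` or the `arg*` arrays into ordinary locals would leave it holding dangling references once the first call returns. A short comment above the block would record this, e.g. `// static and writable: QGuiApplication refers to argc/argv for its whole lifetime`. The same block is added in the sethtml, setmarkdown and beginlayout main.cpp hunks and would take the same comment.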
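Review bot: `static int argc = 3;` in the sethtml target hard-codes a count that has to agree with the `argv` initializer declared below it, and nothing checks that the two match. If an option is added to or removed from `argv` later without touching the literal, Qt would either miss the new argument or be told to treat the terminating `nullptr` as one. Declaring `argv` first and deriving the count keeps them in step: `static int argc = sizeof(argv) / sizeof(argv[0]) - 1;`. The fromiccprofile, setmarkdown and beginlayout hunks carry the same literal.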
--- a/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/main.cpp
+++ b/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/main.cpp
@@ -26,9 +26,16 @@
 **
 ****************************************************************************/
+#include
 #include
 extern "C" int LLVMFuzzerTestOneInput(const char *Data, size_t Size) {
+ static int argc = 3;
+ static char arg1[] = "fuzzer";
+ static char arg2[] = "-platform";
+ static char arg3[] = "minimal";
+ static char *argv[] = {arg1, arg2, arg3, nullptr};
+ static QGuiApplication qga(argc, argv);
 QTextDocument().setMarkdown(QByteArray::fromRawData(Data, Size));
 return 0;
 }
diff --git a/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/setmarkdown.pro b/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/setmarkdown.pro
index 758622e1af9..bed2198e0dc 100644
--- a/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/setmarkdown.pro
+++ b/tests/libfuzzer/gui/text/qtextdocument/setmarkdown/setmarkdown.pro
@@ -1,5 +1,5 @@
-CONFIG += console
-CONFIG -= app_bundle
+QT += gui
+QTPLUGIN *= qminimal
 SOURCES += main.cpp
 FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
 isEmpty(FUZZ_ENGINE) {
diff --git a/tests/libfuzzer/gui/text/qtextlayout/beginlayout/beginlayout.pro b/tests/libfuzzer/gui/text/qtextlayout/beginlayout/beginlayout.pro
index af5ef9e940e..bed2198e0dc 100644
--- a/tests/libfuzzer/gui/text/qtextlayout/beginlayout/beginlayout.pro
+++ b/tests/libfuzzer/gui/text/qtextlayout/beginlayout/beginlayout.pro
@@ -1,4 +1,5 @@
-QT += widgets
+QT += gui
+QTPLUGIN *= qminimal
 SOURCES += main.cpp
 FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
 isEmpty(FUZZ_ENGINE) {
diff --git a/tests/libfuzzer/gui/text/qtextlayout/beginlayout/main.cpp b/tests/libfuzzer/gui/text/qtextlayout/beginlayout/main.cpp
index dfb95592410..27e0566c2cf 100644
--- a/tests/libfuzzer/gui/text/qtextlayout/beginlayout/main.cpp
+++ b/tests/libfuzzer/gui/text/qtextlayout/beginlayout/main.cpp
@@ -26,9 +26,16 @@
 **
 ****************************************************************************/
+#include
 #include
 extern "C" int LLVMFuzzerTestOneInput(const char *Data, size_t Size) {
+ static int argc = 3;
+ static char arg1[] = "fuzzer";
+ static char arg2[] = "-platform";
+ static char arg3[] = "minimal";
+ static char *argv[] = {arg1, arg2, arg3, nullptr};
+ static QGuiApplication qga(argc, argv);
 QTextLayout tl(QByteArray::fromRawData(Data, Size));
 tl.beginLayout();
 tl.endLayout();