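/*
 * Copyright (c) 2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "publicapilocalregexpref_fuzzer.h"
#include "ecmascript/base/string_helper.h"
#include "ecmascript/global_env.h"
#include "ecmascript/js_regexp.h"
#include "ecmascript/napi/include/jsnapi.h"
#include "ecmascript/napi/jsnapi_helper.h"

using namespace panda;
using namespace panda::ecmascript;

// Fuzz harness for the RegExpRef accessors of the public JSNApi surface.
//
// Every test below follows the same shape: create a VM, build an object by hand
// through ObjectFactory, wrap it as Local<RegExpRef>, call one accessor, destroy
// the VM.
//
// NOTE(review): none of the tests reads the bytes in `data`; the input only
// decides (via `size`) whether the body runs at all. As written, every non-empty
// input drives the same code path, so this harness gives no input-dependent
// coverage of the regexp accessors. Deriving the pattern source and flag bits
// from `data` would make the fuzzer exercise them meaningfully.
//
// NOTE(review): each test creates and destroys its own VM, i.e. eight VM
// lifecycles per fuzz input. Sharing one VM per input would raise throughput.
namespace OHOS {
// Calls RegExpRef::GetOriginalSource on a hand-built JSRegExp whose
// OriginalSource, ByteCodeBuffer and GroupName fields are Undefined.
void LocalRegExpGetOriginalSourceFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // The original returned from inside the scope on empty input and skipped
    // DestroyJSVM, leaking one VM per empty input. Both paths now fall through
    // to the single DestroyJSVM call below.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        // Scope lives in this block so it ends before the VM is destroyed.
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        jSRegExp->SetByteCodeBuffer(thread, JSTaggedValue::Undefined());
        jSRegExp->SetOriginalSource(thread, JSTaggedValue::Undefined());
        jSRegExp->SetGroupName(thread, JSTaggedValue::Undefined());
        jSRegExp->SetOriginalFlags(thread, JSTaggedValue(0));
        jSRegExp->SetLength(0);
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->GetOriginalSource(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::GetOriginalFlags on a hand-built JSRegExp whose
// OriginalFlags field is JSTaggedValue(0).
void LocalRegExpRefGetOriginalFlagsFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        jSRegExp->SetByteCodeBuffer(thread, JSTaggedValue::Undefined());
        jSRegExp->SetOriginalSource(thread, JSTaggedValue::Undefined());
        jSRegExp->SetGroupName(thread, JSTaggedValue::Undefined());
        jSRegExp->SetOriginalFlags(thread, JSTaggedValue(0));
        jSRegExp->SetLength(0);
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->GetOriginalFlags(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsGlobal on the Object function prototype reinterpreted as a
// RegExpRef.
//
// NOTE(review): unlike the other tests, the receiver here is not a JSRegExp at
// all: the prototype handle is cast to JSGlobalObject and then handed out as
// Local<RegExpRef>. Presumably this is meant to probe how IsGlobal behaves on a
// wrongly-typed receiver; if it is not intentional, the accessor is reading
// regexp fields from an object with a different layout. Confirm the intent.
void LocalRegExpIsGlobalRefFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSGlobalObject> globalObject = JSHandle<JSGlobalObject>::Cast(proto);
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(globalObject);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsGlobal(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsIgnoreCase on a freshly allocated JSRegExp.
//
// NOTE(review): this test (and the IsMultiline / IsDotAll / IsUtf16 / IsStick
// tests below) never sets OriginalFlags or any other JSRegExp field before
// calling the accessor, whereas the GetOriginalSource / GetOriginalFlags tests
// do. Whether NewJSObject leaves those fields in a defined state is not visible
// from this file; confirm the accessor is not reading an unset slot.
void LocalRegExpIsIgnoreCaseFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsIgnoreCase(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsMultiline on a freshly allocated JSRegExp whose fields are
// not explicitly initialized by this test.
void LocalRegExpIsMultilineFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsMultiline(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsDotAll on a freshly allocated JSRegExp whose fields are
// not explicitly initialized by this test.
void LocalRegExpIsDotAllFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsDotAll(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsUtf16 on a freshly allocated JSRegExp whose fields are
// not explicitly initialized by this test.
void LocalRegExpIsUtf16FuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsUtf16(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

// Calls RegExpRef::IsStick on a freshly allocated JSRegExp whose fields are
// not explicitly initialized by this test.
// (The function name keeps its original spelling because the entry point below
// refers to it by that name.)
void LocalRegExpIsSticklFuzzTest([[maybe_unused]] const uint8_t *data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    // Empty input no longer returns early, so the VM is always destroyed.
    if (size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
    } else {
        JsiFastNativeScope scope(vm);
        JSThread *thread = vm->GetJSThread();
        ObjectFactory *factory = vm->GetFactory();
        auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv();
        JSHandle<JSTaggedValue> proto = globalEnv->GetObjectFunctionPrototype();
        JSHandle<JSHClass> jSRegExpClass = factory->NewEcmaHClass(JSRegExp::SIZE, JSType::JS_REG_EXP, proto);
        JSHandle<JSRegExp> jSRegExp = JSHandle<JSRegExp>::Cast(factory->NewJSObject(jSRegExpClass));
        JSHandle<JSTaggedValue> jsregtag = JSHandle<JSTaggedValue>::Cast(jSRegExp);
        Local<RegExpRef> object = JSNApiHelper::ToLocal<RegExpRef>(jsregtag);
        object->IsStick(vm);
    }
    JSNApi::DestroyJSVM(vm);
}
}

// Fuzzer entry point: runs every RegExpRef accessor test once per input, in a
// fixed order, and always reports success to the fuzzing engine.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    OHOS::LocalRegExpGetOriginalSourceFuzzTest(data, size);
    OHOS::LocalRegExpRefGetOriginalFlagsFuzzTest(data, size);
    OHOS::LocalRegExpIsGlobalRefFuzzTest(data, size);
    OHOS::LocalRegExpIsIgnoreCaseFuzzTest(data, size);
    OHOS::LocalRegExpIsMultilineFuzzTest(data, size);
    OHOS::LocalRegExpIsDotAllFuzzTest(data, size);
    OHOS::LocalRegExpIsUtf16FuzzTest(data, size);
    OHOS::LocalRegExpIsSticklFuzzTest(data, size);
    return 0;
}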