Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: 94b1c249a1
Branches Tags
ydb
/
library
/
cpp
/
scheme
/
tests
/
fuzz_json
/
lib
/
fuzz_json.cpp

fuzz_json.cpp 3.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 
  1. #include "fuzz_json.h"
    2. 

  2. #include "util/generic/fwd.h"
    3. 

  3. 

  4. #include <library/cpp/scheme/scheme.h>
    5. 

  5. #include <util/stream/null.h>
    6. 

  6. 

  7. namespace {
    8. 

  8.     static constexpr size_t MAX_DEPTH = 4;
    9. 

  9.     static constexpr size_t MAX_PATH_LEN = 256;
    10. 

  10.     static constexpr size_t MAX_ITERATIONS = 4;
    11. 

  11. 

  12.     void SplitOnDepth(const TStringBuf src, const size_t depth, const size_t maxPathLen,
    13. 

  13.         TStringBuf& left, TStringBuf& right)
    14. 

  14.     {
    15. 

  15.         size_t pos = 0;
    16. 

  16.         size_t prevPos = 0;
    17. 

  17.         for(size_t i = 0; i < depth; ++i) {
    18. 

  18.             if (pos > maxPathLen) {
    19. 

  19.                 break;
    20. 

  20.             }
    21. 

  21.             prevPos = pos;
    22. 

  22.             pos = src.find_first_of(TStringBuf("/]"), pos + 1);
    23. 

  23.             if (pos == TStringBuf::npos) {
    24. 

  24.                 break;
    25. 

  25.             }
    26. 

  26.         }
    27. 

  27.         if (pos == TStringBuf::npos && prevPos > 0) {
    28. 

  28.             pos = prevPos;
    29. 

  29.         }
    30. 

  30.         if (src.length() > maxPathLen)  {
    31. 

  31.             if (pos == TStringBuf::npos || pos > maxPathLen) {
    32. 

  32.                 pos = maxPathLen;
    33. 

  33.             }
    34. 

  34.         }
    35. 

  35.         if (pos == TStringBuf::npos || pos == 0) {
    36. 

  36.             left = src;
    37. 

  37.             right = TStringBuf();
    38. 

  38.         } else {
    39. 

  39.             src.SplitAt(pos + 1, left, right);
    40. 

  40.         }
    41. 

  41.     }
    42. 

  42. 

  43.     TString tmp;
    44. 

  44.     //Limit max array size in the path to 256
    45. 

  45.     TStringBuf ProcessPath(TStringBuf path) {
    46. 

  46.         size_t pos = 0;
    47. 

  47.         while(pos != TStringBuf::npos) {
    48. 

  48.             pos = path.find(']', pos + 1);
    49. 

  49.             if (pos == TStringBuf::npos) {
    50. 

  50.                 continue;
    51. 

  51.             }
    52. 

  52.             size_t open = path.rfind('[', pos);
    53. 

  53.             if (open == TStringBuf::npos) {
    54. 

  54.                 continue;
    55. 

  55.             }
    56. 

  56.             bool allDigit = true;
    57. 

  57.             for(size_t i = open + 1; i < pos; ++i) {
    58. 

  58.                 if (path[i] < '0' || path[i] > '9') {
    59. 

  59.                     allDigit = false;
    60. 

  60.                     break;
    61. 

  61.                 }
    62. 

  62.             }
    63. 

  63.             if (!allDigit) {
    64. 

  64.                 continue;
    65. 

  65.             }
    66. 

  66.             if (pos - open > 4)  {
    67. 

  67.                 TString str = TString::Join(path.Head(open + 1), "256", path.Tail(pos));
    68. 

  68.                 tmp = std::move(str);
    69. 

  69.                 path = tmp;
    70. 

  70.                 pos = (open + 1) + 3;
    71. 

  71.                 continue;
    72. 

  72.             }
    73. 

  73.         }
    74. 

  74.         return path;
    75. 

  75.     }
    76. 

  76. }
    77. 

  77. 

  78. namespace NSc::NUt {
    79. 

  79. 

  80. 

  81.     void FuzzJson(TStringBuf wire) {
    82. 

  82.         if (wire.size() < 2) {
    83. 

  83.             return;
    84. 

  84.         }
    85. 

  85. 

  86. 

  87.         ProcessPath("[123][1234][12][2134][12312312][1][12]");
    88. 

  88.         ui8 len1 = wire[0];
    89. 

  89.         ui8 len2 = wire[1];
    90. 

  90.         wire.Skip(2);
    91. 

  91.         auto json1 = wire.NextTokAt(len1);
    92. 

  92.         auto json2 = wire.NextTokAt(len2);
    93. 

  93.         NSc::TValue val1 = NSc::TValue::FromJson(json1);
    94. 

  94.         NSc::TValue val2 = NSc::TValue::FromJson(json2);
    95. 

  95.         NSc::TValue val3;
    96. 

  96.         val3.MergeUpdate(val1);
    97. 

  97. 

  98.         size_t i = 0;
    99. 

  99.         while (!wire.empty()) {
    100. 

  100.             TStringBuf path;
    101. 

  101.             SplitOnDepth(wire, MAX_DEPTH, MAX_PATH_LEN, path, wire);
    102. 

  102.             path = ProcessPath(path);
    103. 

  103.             if (auto* target = val3.TrySelectOrAdd(path)) {
    104. 

  104.                 target->MergeUpdate(val2);
    105. 

  105.             }
    106. 

  106.             ++i;
    107. 

  107.             // Release memory since there are up to MAX_DICT_SIZE * MAX_DEPTH elements
    108. 

  108.             if (i > MAX_ITERATIONS) {
    109. 

  109.                 Cnull << val3.ToJson();
    110. 

  110.                 val3 = NSc::TValue();
    111. 

  111.             }
    112. 

  112.         }
    113. 

  113.         Cnull << val3.ToJson();
    114. 

  114.     }
    115. 

  115. }
    116.