From adc6fb2fd56c04d0c00694ad394b6d5041133e0a Mon Sep 17 00:00:00 2001
From: akwizgran <michael@briarproject.org>
Date: Mon, 29 Oct 2018 16:44:02 +0000
Subject: [PATCH] Add fuzzing test for illegal UTF-8 byte sequences.

---
 .../data/BdfReaderImplFuzzingTest.java        | 41 +++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 bramble-core/src/test/java/org/briarproject/bramble/data/BdfReaderImplFuzzingTest.java

diff --git a/bramble-core/src/test/java/org/briarproject/bramble/data/BdfReaderImplFuzzingTest.java b/bramble-core/src/test/java/org/briarproject/bramble/data/BdfReaderImplFuzzingTest.java
new file mode 100644
index 0000000000..852e66853c
--- /dev/null
+++ b/bramble-core/src/test/java/org/briarproject/bramble/data/BdfReaderImplFuzzingTest.java
@@ -0,0 +1,41 @@
+package org.briarproject.bramble.data;
+
+import org.briarproject.bramble.test.BrambleTestCase;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.ByteArrayInputStream;
+import java.util.Random;
+
+import static org.briarproject.bramble.api.data.BdfReader.DEFAULT_MAX_BUFFER_SIZE;
+import static org.briarproject.bramble.api.data.BdfReader.DEFAULT_NESTED_LIMIT;
+import static org.briarproject.bramble.test.TestUtils.isOptionalTestEnabled;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assume.assumeTrue;
+
+public class BdfReaderImplFuzzingTest extends BrambleTestCase {
+
+	@Before
+	public void setUp() {
+		assumeTrue(isOptionalTestEnabled(BdfReaderImplFuzzingTest.class));
+	}
+
+	@Test
+	public void testStringFuzzing() throws Exception {
+		Random random = new Random();
+		byte[] buf = new byte[22];
+		ByteArrayInputStream in = new ByteArrayInputStream(buf);
+		for (int i = 0; i < 100_000_000; i++) {
+			random.nextBytes(buf);
+			buf[0] = 0x41; // String with 1-byte length
+			buf[1] = 0x14; // Length 20 bytes
+			in.reset();
+			BdfReaderImpl r = new BdfReaderImpl(in, DEFAULT_NESTED_LIMIT,
+					DEFAULT_MAX_BUFFER_SIZE);
+			int length = r.readString().length();
+			assertTrue(length >= 0);
+			assertTrue(length <= 20);
+			assertTrue(r.eof());
+		}
+	}
+}
-- 
GitLab