🚑 added special case to fuzzers to fix #504

Since #329, NaN and inf numbers do not yield an exception, but are stored internally and are dumped as “null”. This commit adjusts the fuzz testers to deal with this special case.
2017-03-14 21:05:38 +01:00 · 2017-03-14 21:05:38 +01:00 · b026591e9e
commit b026591e9e
parent bfe4788e32
4 changed files with 96 additions and 6 deletions
--- a/test/src/fuzzer-parse_cbor.cpp
+++ b/test/src/fuzzer-parse_cbor.cpp
@ -41,8 +41,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
            // parse serialization
            json j2 = json::from_cbor(vec2);

-            // deserializations must match
-            assert(j1 == j2);
+            // serializations must match
+            assert(json::to_cbor(j2) == vec2);
        }
        catch (const json::parse_error&)
        {
--- a/test/src/unit-regression.cpp
+++ b/test/src/unit-regression.cpp
@ -909,4 +909,24 @@ TEST_CASE("regression tests")

        CHECK(j["bool_vector"].dump() == "[false,true,false,false]");
    }
+
+    SECTION("issue #504 - assertion error (OSS-Fuzz 856)")
+    {
+        std::vector<uint8_t> vec1 = {0xf9, 0xff, 0xff, 0x4a, 0x3a, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x01, 0x37, 0x02, 0x38};
+        json j1 = json::from_cbor(vec1);
+
+        // step 2: round trip
+        std::vector<uint8_t> vec2 = json::to_cbor(j1);
+
+        // parse serialization
+        json j2 = json::from_cbor(vec2);
+
+        // NaN is dumped to "null"
+        CHECK(j2.is_number_float());
+        CHECK(std::isnan(j2.get<json::number_float_t>()));
+        CHECK(j2.dump() == "null");
+
+        // check if serializations match
+        CHECK(json::to_cbor(j2) == vec2);
+    }
 }