Google Git
Sign in
quiche/quiche.git/7bd276b7fe1ea8ec0ac3a05084b03cba75bec93f^!/.
commit
7bd276b7fe1ea8ec0ac3a05084b03cba75bec93f
[log] [tgz]
author
bnc <bnc@google.com>
Fri Aug 09 12:36:42 2019 -0700
committer
Copybara-Service <copybara-worker@google.com>
Fri Aug 09 12:37:45 2019 -0700
tree
a12fdb85c1e6bf95403493568720ce7c2bf76d82
parent
970656fcae08c22aa3bde1d2df72090aa835b4ff [diff]
Crash on invalid encoder or decoder stream data in qpack_round_trip_fuzzer.cc.

Since encoder stream data is generated by QpackEncoder and decoder stream data
is generated by QpackDecoder, data must not be corrupt.  A crash would mean
there is a bug in our implementation.

gfe-relnote: n/a, change in QPACK fuzzer only.
PiperOrigin-RevId: 262612270
Change-Id: I5b2d69b8bbceb25aec805f819cf2141cc744a970

diff --git a/quic/core/qpack/fuzzer/qpack_round_trip_fuzzer.cc b/quic/core/qpack/fuzzer/qpack_round_trip_fuzzer.cc
index f44863b..84accd0 100644
--- a/quic/core/qpack/fuzzer/qpack_round_trip_fuzzer.cc
+++ b/quic/core/qpack/fuzzer/qpack_round_trip_fuzzer.cc

@@ -7,8 +7,9 @@
 #include <cstdint>
 #include <string>
 
+#include "net/third_party/quiche/src/quic/core/qpack/qpack_decoder.h"
 #include "net/third_party/quiche/src/quic/core/qpack/qpack_decoder_test_utils.h"
-#include "net/third_party/quiche/src/quic/core/qpack/qpack_encoder_test_utils.h"
+#include "net/third_party/quiche/src/quic/core/qpack/qpack_encoder.h"
 #include "net/third_party/quiche/src/quic/core/qpack/qpack_utils.h"
 #include "net/third_party/quiche/src/quic/core/qpack/value_splitting_header_list.h"
 #include "net/third_party/quiche/src/quic/platform/api/quic_fuzzed_data_provider.h"
@@ -17,6 +18,28 @@
 namespace quic {
 namespace test {
 
+// DecoderStreamErrorDelegate implementation that crashes on error.
+class CrashingDecoderStreamErrorDelegate
+    : public QpackEncoder::DecoderStreamErrorDelegate {
+ public:
+  ~CrashingDecoderStreamErrorDelegate() override = default;
+
+  void OnDecoderStreamError(QuicStringPiece error_message) override {
+    CHECK(false) << error_message;
+  }
+};
+
+// EncoderStreamErrorDelegate implementation that crashes on error.
+class CrashingEncoderStreamErrorDelegate
+    : public QpackDecoder::EncoderStreamErrorDelegate {
+ public:
+  ~CrashingEncoderStreamErrorDelegate() override = default;
+
+  void OnEncoderStreamError(QuicStringPiece error_message) override {
+    CHECK(false) << error_message;
+  }
+};
+
 spdy::SpdyHeaderBlock GenerateHeaderList(QuicFuzzedDataProvider* provider) {
   spdy::SpdyHeaderBlock header_list;
   uint8_t header_count = provider->ConsumeIntegral<uint8_t>();
@@ -174,8 +197,7 @@
   const uint64_t maximum_blocked_streams = provider.ConsumeIntegral<uint8_t>();
 
   // Set up encoder.
-  // TODO: crash on decoder stream error
-  NoopDecoderStreamErrorDelegate decoder_stream_error_delegate;
+  CrashingDecoderStreamErrorDelegate decoder_stream_error_delegate;
   NoopQpackStreamSenderDelegate encoder_stream_sender_delegate;
   QpackEncoder encoder(&decoder_stream_error_delegate);
   encoder.set_qpack_stream_sender_delegate(&encoder_stream_sender_delegate);
@@ -183,8 +205,7 @@
   encoder.SetMaximumBlockedStreams(maximum_blocked_streams);
 
   // Set up decoder.
-  // TODO: crash on encoder stream error
-  NoopEncoderStreamErrorDelegate encoder_stream_error_delegate;
+  CrashingEncoderStreamErrorDelegate encoder_stream_error_delegate;
   NoopQpackStreamSenderDelegate decoder_stream_sender_delegate;
   QpackDecoder decoder(maximum_dynamic_table_capacity, maximum_blocked_streams,
                        &encoder_stream_error_delegate);