//base:json reader fuzzer

BUG=

Review URL: https://codereview.chromium.org/1465283002

Cr-Commit-Position: refs/heads/master@{#361184}

2 files changed, 27 insertions, 0 deletions

diff --git a/testing/libfuzzer/fuzzers/BUILD.gn b/testing/libfuzzer/fuzzers/BUILD.gn
index 49da60f..b64bc225 100644
--- a/testing/libfuzzer/fuzzers/BUILD.gn
+++ b/testing/libfuzzer/fuzzers/BUILD.gn
@@ -195,3 +195,13 @@ test("v8_json_parser_fuzzer") {
     "$root_out_dir/snapshot_blob.bin",
   ]
 }
+
+test("base_json_reader_fuzzer") {
+  sources = [
+    "base_json_reader_fuzzer.cc",
+  ]
+  deps = [
+    "//base",
+    "//testing/libfuzzer:libfuzzer_main",
+  ]
+}
diff --git a/testing/libfuzzer/fuzzers/base_json_reader_fuzzer.cc b/testing/libfuzzer/fuzzers/base_json_reader_fuzzer.cc
new file mode 100644
index 0000000..d275654
--- /dev/null
+++ b/testing/libfuzzer/fuzzers/base_json_reader_fuzzer.cc
@@ -0,0 +1,17 @@
+// Copyright (c) 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <string>
+
+#include "base/json/json_reader.h"
+#include "base/values.h"
+
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const unsigned char* data,
+                                      unsigned long size) {
+  base::JSONReader reader;
+  reader.Read(std::string(reinterpret_cast<const char*>(data), size));
+  return 0;
+}
+