Use php stream in exif fuzzer

author Nikita Popov <nikita.ppv@gmail.com>

Wed, 9 Oct 2019 15:45:57 +0000 (17:45 +0200)

committer Nikita Popov <nikita.ppv@gmail.com>

Thu, 10 Oct 2019 10:33:15 +0000 (12:33 +0200)
author Nikita Popov <nikita.ppv@gmail.com>
Wed, 9 Oct 2019 15:45:57 +0000 (17:45 +0200)
committer Nikita Popov <nikita.ppv@gmail.com>
Thu, 10 Oct 2019 10:33:15 +0000 (12:33 +0200)
diff --git a/sapi/fuzzer/fuzzer-exif.c b/sapi/fuzzer/fuzzer-exif.c

index 6591a688887fa28eab6f7ee3eb305797ea2c9b50..230852bb61ccce5d76c06746c66674d4dc5fa075 100644 (file)
--- a/sapi/fuzzer/fuzzer-exif.c
+++ b/sapi/fuzzer/fuzzer-exif.c
@@ -32,8 +32,8 @@
  
  int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  #if HAVE_EXIF
-       char *filename;
-       int filedes;
+       php_stream *stream;
+       zval stream_zv;
  
         if (Size > 256 * 1024) {
                 /* Large inputs have a large impact on fuzzer performance,
@@ -45,16 +45,15 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
                 return 0;
         }
  
-       /* put the data in a file */
-       filename = tmpnam(NULL);
-       filedes = open(filename, O_CREAT|O_RDWR, 0644);
-       write(filedes, Data, Size);
-       close(filedes);
+       stream = php_stream_fopen_tmpfile();
+       php_stream_write(stream, (const char *) Data, Size);
+       php_stream_to_zval(stream, &stream_zv);
  
-       fuzzer_call_php_func("exif_read_data", 1, &filename);
+       fuzzer_call_php_func_zval("exif_read_data", 1, &stream_zv);
+
+       zval_ptr_dtor(&stream_zv);
  
         /* cleanup */
-       unlink(filename);
         php_request_shutdown(NULL);
  
         return 0;
author	Nikita Popov <nikita.ppv@gmail.com>
	Wed, 9 Oct 2019 15:45:57 +0000 (17:45 +0200)
committer	Nikita Popov <nikita.ppv@gmail.com>
	Thu, 10 Oct 2019 10:33:15 +0000 (12:33 +0200)