# Copyright 2016 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Fuzzers for content/ components.

import("//mojo/public/tools/bindings/mojom.gni")
import("//mojo/public/tools/fuzzers/mojolpm.gni")
import("//testing/libfuzzer/fuzzer_test.gni")
import("//third_party/protobuf/proto_library.gni")

# Empty group for package discovery.
group("fuzzer") {
}

source_set("fuzzer_support") {
  sources = [
    "fuzzer_support.cc",
    "fuzzer_support.h",
  ]
  public_deps = [
    "//base",
    "//base/test:test_support",
    "//content/renderer:for_content_tests",
    "//content/shell:content_shell_lib",
    "//content/test:test_support",
    "//gin",
    "//tools/v8_context_snapshot",
  ]
  configs += [ "//tools/v8_context_snapshot:use_v8_context_snapshot" ]
  testonly = true
}

fuzzer_test("origin_trial_token_fuzzer") {
  sources = [ "origin_trial_token_fuzzer.cc" ]
  deps = [ "//content/test:test_support" ]
  dict =
      "//content/test/data/fuzzer_dictionaries/origin_trial_token_fuzzer.dict"
  seed_corpus = "//content/test/data/fuzzer_corpus/origin_trial_token_data/"
}

fuzzer_test("renderer_fuzzer") {
  sources = [ "renderer_fuzzer.cc" ]
  deps = [ ":fuzzer_support" ]
}

fuzzer_test("renderer_tree_fuzzer") {
  sources = [ "renderer_tree_fuzzer.cc" ]
  deps = [ ":fuzzer_support" ]
}

fuzzer_test("renderer_proto_tree_fuzzer") {
  sources = [ "renderer_proto_tree_fuzzer.cc" ]
  deps = [
    ":fuzzer_support",
    ":html_tree_proto",
    "//third_party/libprotobuf-mutator",
  ]
}

proto_library("html_tree_proto") {
  sources = [ "html_tree.proto" ]
  testonly = true
}

fuzzer_test("signed_exchange_envelope_fuzzer") {
  sources = [ "signed_exchange_envelope_fuzzer.cc" ]
  deps = [
    "//base:i18n",
    "//content/test:test_support",
  ]
  seed_corpus = "//content/test/data/sxg/"
}

fuzzer_test("devtools_protocol_encoding_cbor_fuzzer") {
  sources =
      [ "../../browser/devtools/devtools_protocol_encoding_cbor_fuzzer.cc" ]
  deps = [
    "//base",
    "//third_party/inspector_protocol:crdtp",
  ]
  seed_corpus =
      "../../browser/devtools/devtools_protocol_encoding_cbor_fuzzer_corpus/"
}

fuzzer_test("devtools_protocol_encoding_json_fuzzer") {
  sources =
      [ "../../browser/devtools/devtools_protocol_encoding_json_fuzzer.cc" ]
  deps = [
    "//base",
    "//third_party/inspector_protocol:crdtp",
  ]
  seed_corpus = "//third_party/grpc/src/test/core/json/corpus/"
}

fuzzer_test("inspector_fuzzer") {
  sources = [ "../../browser/devtools/inspector_fuzzer.cc" ]
  deps = [ "//third_party/inspector_protocol:crdtp" ]
  seed_corpus = "//components/cbor/reader_fuzzer_corpus/"
}

fuzzer_test("signed_exchange_certificate_chain_fuzzer") {
  sources = [
    "../../browser/web_package/signed_exchange_certificate_chain_fuzzer.cc",
  ]
  deps = [ "//content/test:test_support" ]
  seed_corpus = "//content/test/data/fuzzer_corpus/signed_exchange_certificate_chain_data/"
}

fuzzer_test("appcache_manifest_parser_fuzzer") {
  sources = [ "appcache_manifest_parser_fuzzer.cc" ]
  deps = [
    "//base:i18n",
    "//content/test:test_support",
  ]
  dict = "//content/test/data/fuzzer_dictionaries/appcache_manifest_parser_fuzzer.dict"
  seed_corpus = "//third_party/blink/web_tests/http/tests/appcache/resources/"
}

fuzzer_test("merkle_integrity_source_stream_fuzzer") {
  sources = [ "merkle_integrity_source_stream_fuzzer.cc" ]

  # This fuzzer depends on net::FuzzedSourceStream, in net_fuzzer_test_support,
  # but both it and //content:test_support set up similar globals. As
  # MerkleIntegritySourceStream does not depend on anything in //content and
  # will ultimately live in //net, use the //net one instead of the //content
  # one.
  deps = [
    "//content/browser:for_content_tests",
    "//content/renderer:for_content_tests",
    "//content/shell:content_shell_lib",
    "//content/test:test_support",
    "//net:net_fuzzer_test_support",
    "//net:test_support",
  ]
  dict = "//content/test/data/fuzzer_dictionaries/merkle_integrity_source_stream_fuzzer.dict"
  environment_variables = [ "AFL_DRIVER_DONT_DEFER=1" ]
}

proto_library("appcache_fuzzer_proto") {
  sources = [ "../../browser/appcache/appcache_fuzzer.proto" ]
  testonly = true
}

fuzzer_test("appcache_fuzzer") {
  sources = [
    "../../browser/appcache/appcache_fuzzer.cc",
    "../../browser/appcache/mock_appcache_storage.cc",
    "../../browser/appcache/mock_appcache_storage.h",
  ]

  deps = [
    ":appcache_fuzzer_proto",
    "//base/test:test_support",
    "//content/app:for_content_tests",
    "//content/browser:browser",
    "//content/public/browser:browser_sources",
    "//content/test:test_support",
    "//mojo/core/embedder",
    "//services/network:test_support",
    "//storage/browser:test_support",
    "//third_party/libprotobuf-mutator",
  ]
}

mojolpm_fuzzer_test("code_cache_host_mojolpm_fuzzer") {
  sources = [ "code_cache_host_mojolpm_fuzzer.cc" ]

  proto_source = "code_cache_host_mojolpm_fuzzer.proto"
  testcase_proto_kind = "content.fuzzing.code_cache_host.proto.Testcase"

  deps = [
    "//base/test:test_support",
    "//content/browser:for_content_tests",
    "//content/public/browser:browser_sources",
    "//content/test:test_support",
    "//services/network:test_support",
    "//storage/browser:test_support",
    "//third_party/icu:icudata",
  ]

  proto_deps = [ "//third_party/blink/public/mojom:mojom_platform_mojolpm" ]

  seed_corpus_sources = [
    "//content/test/data/fuzzer_corpus/code_cache_host_mojolpm_fuzzer/did_generate_cacheable_metadata_origin_a.textproto",
    "//content/test/data/fuzzer_corpus/code_cache_host_mojolpm_fuzzer/did_generate_cacheable_metadata_origin_b.textproto",
  ]
}

mojolpm_fuzzer_test("file_system_manager_mojolpm_fuzzer") {
  sources = [ "file_system_manager_mojolpm_fuzzer.cc" ]

  proto_source = "file_system_manager_mojolpm_fuzzer.proto"

  deps = [
    "//base/test:test_support",
    "//content/browser:for_content_tests",
    "//content/public/browser:browser_sources",
    "//content/test:test_support",
    "//services/network:test_support",
    "//storage/browser:test_support",
    "//third_party/icu:icudata",
  ]

  proto_deps = [ "//third_party/blink/public/mojom:mojom_platform_mojolpm" ]
}

fuzzer_test("speech_audio_encoder_fuzzer") {
  sources = [
    "../../browser/speech/audio_buffer.cc",
    "../../browser/speech/audio_buffer.h",
    "../../browser/speech/audio_encoder.cc",
    "../../browser/speech/audio_encoder.h",
    "../../browser/speech/audio_encoder_fuzzer.cc",
    "//content/common/content_export.h",
  ]

  deps = [
    "//base",
    "//third_party/flac",
  ]
}

fuzzer_test("browser_accessibility_fuzzer") {
  sources = [ "browser_accessibility_fuzzer.cc" ]
  deps = [
    "//content/app:for_content_tests",
    "//content/browser:browser",
    "//content/browser:browser",
    "//content/public/browser:browser_sources",
    "//content/test:test_support",
    "//mojo/core/embedder",
    "//services/network:test_support",
    "//storage/browser:test_support",
  ]
}

source_set("indexed_db_fuzzer_support") {
  public_deps = [
    "//base",
    "//content/browser",
    "//content/public/browser:browser_sources",
    "//third_party/blink/public/common:headers",
  ]
  testonly = true
}

fuzzer_test("indexed_db_leveldb_coding_encodeidbkey_fuzzer") {
  sources = [
    "../../browser/indexed_db/indexed_db_leveldb_coding_encodeidbkey_fuzzer.cc",
  ]
  deps = [ ":indexed_db_fuzzer_support" ]
  seed_corpus = "../../browser/indexed_db/fuzzer_corpus/indexed_db_key"
}

fuzzer_test("indexed_db_leveldb_coding_encodeidbkeypath_fuzzer") {
  sources = [ "../../browser/indexed_db/indexed_db_leveldb_coding_encodeidbkeypath_fuzzer.cc" ]
  deps = [ ":indexed_db_fuzzer_support" ]
  seed_corpus = "../../browser/indexed_db/fuzzer_corpus/indexed_db_key_path"
}

fuzzer_test("indexed_db_leveldb_coding_decodeidbkey_fuzzer") {
  sources = [
    "../../browser/indexed_db/indexed_db_leveldb_coding_decodeidbkey_fuzzer.cc",
  ]
  deps = [ ":indexed_db_fuzzer_support" ]
  seed_corpus = "../../browser/indexed_db/fuzzer_corpus/encoded_indexed_db_key"
}

fuzzer_test("indexed_db_leveldb_coding_decodeidbkeypath_fuzzer") {
  sources = [ "../../browser/indexed_db/indexed_db_leveldb_coding_decodeidbkeypath_fuzzer.cc" ]
  deps = [ ":indexed_db_fuzzer_support" ]
  seed_corpus =
      "../../browser/indexed_db/fuzzer_corpus/encoded_indexed_db_key_path"
}

# Fuzzer only supports linux. As we use a `V4L2CaptureDevice`, which is only
# usable on linux through `VideoCaptureDeviceFactoryLinux`.
if (is_linux) {
  mojolpm_fuzzer_test("video_capture_host_mojolpm_fuzzer") {
    sources = [ "video_capture_host_mojolpm_fuzzer.cc" ]

    proto_source = "video_capture_host_mojolpm_fuzzer.proto"

    deps = [
      "//base/test:test_support",
      "//content/browser:for_content_tests",
      "//content/public/browser:browser",
      "//content/test:content_unittests",
      "//content/test:test_support",
      "//media:test_support",
      "//media/capture:capture_lib",
      "//media/capture:test_support",
      "//services/network:test_support",
      "//storage/browser:test_support",
      "//third_party/blink/public/common:common",
      "//third_party/icu:icudata",
    ]

    proto_deps = [ "//media/capture/mojom:video_capture_mojolpm" ]
  }
}

mojolpm_fuzzer_test("presentation_service_mojolpm_fuzzer") {
  sources = [ "presentation_service_mojolpm_fuzzer.cc" ]

  proto_source = "presentation_service_mojolpm_fuzzer.proto"

  deps = [
    ":controller_presentation_service_delegate_for_fuzzing",
    "//base/test:test_support",
    "//content/browser:for_content_tests",
    "//content/public/browser:browser",
    "//content/test:content_unittests",
    "//content/test:test_support",
    "//services/network:test_support",
    "//storage/browser:test_support",
    "//ui/events/devices:devices",
  ]

  proto_deps = [
    ":controller_presentation_service_delegate_for_fuzzing_proto",
    "//third_party/blink/public/mojom:mojom_platform_mojolpm",
  ]
}

if (enable_mojom_fuzzer) {
  static_library("controller_presentation_service_delegate_for_fuzzing") {
    # Should only be used in the fuzzer this was made for
    visibility = [ ":presentation_service_mojolpm_fuzzer" ]

    sources = [
      "controller_presentation_service_delegate_for_fuzzing.cc",
      "controller_presentation_service_delegate_for_fuzzing.h",
    ]

    deps = [
      ":controller_presentation_service_delegate_for_fuzzing_proto",
      "//base",
      "//content/public/browser:browser",
      "//media:test_support",
      "//third_party/blink/public/mojom:mojom_platform_mojolpm",
      "//url/mojom:url_mojom_gurl_mojolpm",
    ]

    testonly = true
  }

  proto_library("controller_presentation_service_delegate_for_fuzzing_proto") {
    # Should only be used in the fuzzer this was made for, and its
    # generated rules
    visibility = [ "//content/test/fuzzer:*" ]

    proto_in_dir = "//"

    sources = [ "controller_presentation_service_delegate_for_fuzzing.proto" ]
    generate_python = false

    proto_deps = [
      "//third_party/blink/public/mojom:mojom_platform_mojolpm",
      "//url/mojom:url_mojom_gurl_mojolpm",
    ]
    link_deps = [
      "//third_party/blink/public/mojom:mojom_platform_mojolpm",
      "//url/mojom:url_mojom_gurl_mojolpm",
    ]

    import_dirs = [ root_gen_dir ]
    testonly = true
  }
}