Fuzzers: Add fuzzer for the Tar parser

2 files changed, 40 insertions, 0 deletions

diff --git a/Meta/Lagom/Fuzzers/CMakeLists.txt b/Meta/Lagom/Fuzzers/CMakeLists.txt
index a9b5c0b6ed..a7ac9acdbe 100644
--- a/Meta/Lagom/Fuzzers/CMakeLists.txt
+++ b/Meta/Lagom/Fuzzers/CMakeLists.txt
@@ -61,6 +61,7 @@ add_simple_fuzzer(FuzzSHA384 LibCrypto)
 add_simple_fuzzer(FuzzSHA512 LibCrypto)
 add_simple_fuzzer(FuzzShell LibShell)
 add_simple_fuzzer(FuzzSQLParser LibSQL)
+add_simple_fuzzer(FuzzTar LibArchive)
 add_simple_fuzzer(FuzzTTF LibGfx)
 add_simple_fuzzer(FuzzURL)
 add_simple_fuzzer(FuzzUTF16BEDecoder LibTextCodec)
diff --git a/Meta/Lagom/Fuzzers/FuzzTar.cpp b/Meta/Lagom/Fuzzers/FuzzTar.cpp
new file mode 100644
index 0000000000..02d89b14a2
--- /dev/null
+++ b/Meta/Lagom/Fuzzers/FuzzTar.cpp
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2022, Idan Horowitz <idan.horowitz@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <AK/MemoryStream.h>
+#include <LibArchive/TarStream.h>
+#include <stdio.h>
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
+{
+    InputMemoryStream input_stream(ReadonlyBytes { data, size });
+    Archive::TarInputStream tar_stream(input_stream);
+
+    if (!tar_stream.valid())
+        return 0;
+
+    for (; !tar_stream.finished(); tar_stream.advance()) {
+        auto const& header = tar_stream.header();
+
+        if (!header.content_is_like_extended_header())
+            continue;
+
+        switch (header.type_flag()) {
+        case Archive::TarFileType::GlobalExtendedHeader:
+        case Archive::TarFileType::ExtendedHeader: {
+            auto result = tar_stream.for_each_extended_header([&](StringView, StringView) {});
+            if (result.is_error())
+                return 0;
+            break;
+        }
+        default:
+            return 0;
+        }
+    }
+
+    return 0;
+}