From 57d3866b1de1efee357e87944ad49ff4e72bc06f Mon Sep 17 00:00:00 2001
From: Daniel Lemire <daniel@lemire.me>
Date: Wed, 22 Jan 2025 15:49:24 -0500
Subject: [PATCH] reduce the scope of the fuzzer (#846)

* reduce the scope of the fuzzer

* lint
---
 fuzz/url_pattern.cc | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/fuzz/url_pattern.cc b/fuzz/url_pattern.cc
index 0873ea7da..f7c9da3e6 100644
--- a/fuzz/url_pattern.cc
+++ b/fuzz/url_pattern.cc
@@ -6,10 +6,32 @@
 #include "ada.cpp"
 #include "ada.h"
 
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+std::string bytesToAlphanumeric(const std::string& source) {
+  static const char alphanumeric[] =
+      "abcdefghijklmnopqrstuvwxyz"
+      "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+      "0123456789";
+
+  std::string result;
+  result.reserve(source.size());
+
+  for (char byte : source) {
+    int index = static_cast<unsigned char>(byte) % (sizeof(alphanumeric) - 1);
+    result.push_back(alphanumeric[index]);
+  }
+
+  return result;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
   FuzzedDataProvider fdp(data, size);
-  std::string source = fdp.ConsumeRandomLengthString(50);
-  std::string base_source = fdp.ConsumeRandomLengthString(50);
+  // We do not want to trigger arbitrary regex matching.
+  std::string source =
+      "/" + bytesToAlphanumeric(fdp.ConsumeRandomLengthString(50)) + "/" +
+      bytesToAlphanumeric(fdp.ConsumeRandomLengthString(50));
+  std::string base_source =
+      "/" + bytesToAlphanumeric(fdp.ConsumeRandomLengthString(50)) + "/" +
+      bytesToAlphanumeric(fdp.ConsumeRandomLengthString(50));
 
   // Without base or options
   auto result = ada::parse_url_pattern(source, nullptr, nullptr);