From 40b6d5a2e193322e6e93b2eeb087c51d8eb6faad Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Tue, 25 Apr 2023 16:37:28 +0200
Subject: fuzz: extend fuzzers coverage (#1952)

---
 fuzz/fuzz_libinjection.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'fuzz/fuzz_libinjection.c')
diff --git a/fuzz/fuzz_libinjection.c b/fuzz/fuzz_libinjection.c
index 9fd60107b..c878fe823 100644
--- a/fuzz/fuzz_libinjection.c
+++ b/fuzz/fuzz_libinjection.c
@@ -5,7 +5,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 char *query;
- char fingerprint[8];
+ struct libinjection_sqli_state state;
 /* No memory allocations involved */
@@ -15,11 +15,25 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 memcpy(query, data, size);
 query[size] = '\0';
- libinjection_sqli(query, strlen(query), fingerprint);
+
+ libinjection_sqli_init(&state, query, strlen(query), 0); /* Default: FLAG_QUOTE_NONE | FLAG_SQL_ANSI */
+ libinjection_is_sqli(&state);
+ libinjection_sqli_init(&state, query, strlen(query), FLAG_QUOTE_SINGLE | FLAG_SQL_ANSI);
+ libinjection_is_sqli(&state);
+ libinjection_sqli_init(&state, query, strlen(query), FLAG_QUOTE_DOUBLE | FLAG_SQL_ANSI);
+ libinjection_is_sqli(&state);
+ libinjection_sqli_init(&state, query, strlen(query), FLAG_QUOTE_NONE | FLAG_SQL_MYSQL);
+ libinjection_is_sqli(&state);
+ libinjection_sqli_init(&state, query, strlen(query), FLAG_QUOTE_SINGLE | FLAG_SQL_MYSQL);
+ libinjection_is_sqli(&state);
+ libinjection_sqli_init(&state, query, strlen(query), FLAG_QUOTE_DOUBLE | FLAG_SQL_MYSQL);
+ libinjection_is_sqli(&state);
 libinjection_xss(query, strlen(query));
 free(query);
+ libinjection_version();
+
 return 0;
 }
-- 
cgit v1.2.3
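Review bot: Every `libinjection_sqli_init` call in the second hunk passes `strlen(query)` even though the buffer was filled with exactly `size` bytes from `data` two lines earlier, so any fuzz input containing a NUL byte is silently cut short and the library's handling of embedded NULs, which it can process because it takes an explicit length, is never exercised; passing `size` instead would widen the coverage this commit is after, and the same applies to the untouched `libinjection_xss(query, strlen(query))` line. The six copy-pasted init/is_sqli pairs would also read better as a table of flag combinations walked in a loop, which keeps the set of dialect and quoting modes in one place when more are added. I would note that `libinjection_version()` is called only for its side-effect-free return value, which is fine for coverage but deserves a one-line comment such as `/* exercised for coverage only; return value intentionally ignored */`. LLVMFuzzerTestOneInput starts before this hunk (its signature is visible only in the hunk headers and the first hunk), so the declaration of `flags` below assumes it is placed next to the existing `state` declaration.

```c
  /* One libinjection pass per quoting/dialect combination; the length is
   * `size`, not strlen(query), so inputs with embedded NULs are covered too. */
  static const int flags[] = {
    0, /* Default: FLAG_QUOTE_NONE | FLAG_SQL_ANSI */
    FLAG_QUOTE_SINGLE | FLAG_SQL_ANSI,
    FLAG_QUOTE_DOUBLE | FLAG_SQL_ANSI,
    FLAG_QUOTE_NONE | FLAG_SQL_MYSQL,
    FLAG_QUOTE_SINGLE | FLAG_SQL_MYSQL,
    FLAG_QUOTE_DOUBLE | FLAG_SQL_MYSQL,
  };
  for (size_t i = 0; i < sizeof(flags) / sizeof(flags[0]); i++) {
    libinjection_sqli_init(&state, query, size, flags[i]);
    libinjection_is_sqli(&state);
  }
  libinjection_xss(query, size);
  /* … unchanged: free(query), libinjection_version(), return 0 … */
```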