tests: add a fuzzer for the json parser and dumper

src/fuzz/fuzz-json.c

@@ -0,0 +1,30 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "json.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+        _cleanup_free_ char *out = NULL; /* out should be freed after g */
+        size_t out_size;
+        _cleanup_fclose_ FILE *f = NULL, *g = NULL;
+        _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+
+        if (size == 0)
+                return 0;
+
+        f = fmemopen((char*) data, size, "re");
+        assert_se(f);
+
+        if (json_parse_file(f, NULL, &v, NULL, NULL) < 0)
+                return 0;
+
+        g = open_memstream(&out, &out_size);
+        assert_se(g);
+
+        json_variant_dump(v, 0, g, NULL);
+        json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g, NULL);
+
+        return 0;
+}

src/fuzz/meson.build

@@ -37,6 +37,10 @@ fuzzers += [
           libsystemd_network],
          []],
 
+        [['src/fuzz/fuzz-json.c'],
+         [libshared],
+         []],
+
         [['src/fuzz/fuzz-unit-file.c'],
          [libcore,
           libshared],

tools/oss-fuzz.sh

@@ -48,5 +48,8 @@ zip -jqr $OUT/fuzz-dns-packet_seed_corpus.zip $df/packet
 
 install -Dt $OUT/src/shared/ $build/src/shared/libsystemd-shared-*.so
 
+wget -O $OUT/fuzz-json_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/skjson_seed_corpus.zip
+wget -O $OUT/fuzz-json.dict https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict
+
 find $build -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} $OUT \;
 cp src/fuzz/*.options $OUT