From 282c7b9b0da1257a9430efcb05d4b0d602641201 Mon Sep 17 00:00:00 2001
From: Amir Livneh <alivneh@fb.com>
Date: Sat, 28 Dec 2024 16:29:18 -0500
Subject: [PATCH] Use FuzzedDataProvider in fuzz_http3serverreq

---
 fuzz/fuzz_http3serverreq.cc | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/fuzz/fuzz_http3serverreq.cc b/fuzz/fuzz_http3serverreq.cc
index 466de16..fde5afb 100644
--- a/fuzz/fuzz_http3serverreq.cc
+++ b/fuzz/fuzz_http3serverreq.cc
@@ -1,5 +1,7 @@
 #include <array>
 
+#include <fuzzer/FuzzedDataProvider.h>
+
 #include <nghttp3/nghttp3.h>
 
 static int send_data(nghttp3_conn *conn) {
@@ -31,6 +33,7 @@ static int send_data(nghttp3_conn *conn) {
 }
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+  FuzzedDataProvider fuzzed_data_provider(data, size);
   nghttp3_callbacks callbacks{};
   nghttp3_settings settings;
 
@@ -51,13 +54,21 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     goto fin;
   }
 
-  nread = nghttp3_conn_read_stream(conn, 0, data, size, 0);
-  if (nread < 0) {
-    goto fin;
-  }
+  while (fuzzed_data_provider.remaining_bytes() > 0) {
+    auto stream_id = fuzzed_data_provider.ConsumeIntegral<int64_t>();
+    auto chunk_size = fuzzed_data_provider.ConsumeIntegral<size_t>();
+    auto chunk = fuzzed_data_provider.ConsumeBytes<uint8_t>(chunk_size);
+    auto fin = fuzzed_data_provider.ConsumeBool();
 
-  if (send_data(conn) != 0) {
-    goto fin;
+    nread = nghttp3_conn_read_stream(conn, stream_id, chunk.data(),
+                                     chunk.size(), fin);
+    if (nread < 0) {
+      goto fin;
+    }
+
+    if (send_data(conn) != 0) {
+      goto fin;
+    }
   }
 
 fin: