From 1d582ac603a1a219198415bb5a2a6950d0b470c9 Mon Sep 17 00:00:00 2001
From: l00799755
Date: Sat, 14 Sep 2024 11:35:03 +0800
Subject: [PATCH] testTryCatch
Signed-off-by: l00799755
---
Sources/FuzzilliCli/Profiles/ArkProfile.swift | 14 ++++--
trycatchtests/1.fzil | Bin 0 -> 292 bytes
trycatchtests/1.js | 28 +++++++++++
trycatchtests/1test.fzil | Bin 0 -> 705 bytes
trycatchtests/1test.js | 21 ++++++++
trycatchtests/1test2.js | 29 +++++++++++
trycatchtests/2.fzil | Bin 0 -> 369 bytes
trycatchtests/2.js | 19 +++++++
trycatchtests/3.fzil | Bin 0 -> 297 bytes
trycatchtests/3.js | 17 +++++++
trycatchtests/4.fzil | Bin 0 -> 139 bytes
trycatchtests/4.js | 12 +++++
trycatchtests/5.fzil | Bin 0 -> 199 bytes
trycatchtests/5.js | 13 +++++
trycatchtests/6.fzil | Bin 0 -> 278 bytes
trycatchtests/6.js | 27 ++++++++++
trycatchtests/7.js | 47 ++++++++++++++++++
17 files changed, 224 insertions(+), 3 deletions(-)
create mode 100644 trycatchtests/1.fzil
create mode 100644 trycatchtests/1.js
create mode 100644 trycatchtests/1test.fzil
create mode 100644 trycatchtests/1test.js
create mode 100644 trycatchtests/1test2.js
create mode 100644 trycatchtests/2.fzil
create mode 100644 trycatchtests/2.js
create mode 100644 trycatchtests/3.fzil
create mode 100644 trycatchtests/3.js
create mode 100644 trycatchtests/4.fzil
create mode 100644 trycatchtests/4.js
create mode 100644 trycatchtests/5.fzil
create mode 100644 trycatchtests/5.js
create mode 100644 trycatchtests/6.fzil
create mode 100644 trycatchtests/6.js
create mode 100644 trycatchtests/7.js
diff --git a/Sources/FuzzilliCli/Profiles/ArkProfile.swift b/Sources/FuzzilliCli/Profiles/ArkProfile.swift
index dd73609..1efca27 100644
--- a/Sources/FuzzilliCli/Profiles/ArkProfile.swift
+++ b/Sources/FuzzilliCli/Profiles/ArkProfile.swift
@@ -25,6 +25,12 @@ fileprivate let RunNearStackLimitGenerator = CodeGenerator("RunNearStackLimitGen b.callFunction(fun, withArgs: [f]) } +//testTryCatchForFunc +fileprivate let TestTryCatchForFuncGenerator = CodeGenerator("TestTryCatchForFuncGenerator", inputs: .required(.function())) { b, f in + let fun = b.loadBuiltin("testTryCatchForFunc") + b.callFunction(fun, withArgs: [f]) +} + /// ArkTS Generators fileprivate let ArkTSObjectInstanceGenerator = ValueGenerator("ArkTSObjectInstanceGenerator") { b, n in let builtin = chooseUniform(from: ["Stack", "HashMap", "HashSet", "LinkedList", "List", "ArrayList", "TreeMap", "TreeSet", "LightWeightMap", "LightWeightSet" , "Deque", "Queue", "PlainArray"]) @@ -689,6 +695,7 @@ let arkProfile = Profile( function sgc() { for(let i=0; i<0x10000; i+=1) {new String();} } function runNearStackLimit(f) { function t() { try { t(); } catch(e) { f(); } }; try { t(); } catch(e) {} } + function testTryCatchForFunc(f){try { f(); } catch(e) {print("123");}} function arkPrint(d) { print(JSON.stringify(d)); } """, @@ -700,12 +707,13 @@ let arkProfile = Profile( crashTests: ["fuzzilli('FUZZILLI_CRASH', 0)", "fuzzilli('FUZZILLI_CRASH', 1)"], additionalCodeGenerators: [ - (PrintGenerator, 40), + (PrintGenerator, 30), (RunNearStackLimitGenerator, 5), - (ArkTSObjectInstanceGenerator, 20), - (ArkTSCollectionsObjectInstanceGenerator, 20), + (ArkTSObjectInstanceGenerator, 5), + (ArkTSCollectionsObjectInstanceGenerator, 15), (ArkTsCollectionsTypedArrayValueGenerator, 10), (ArkTsUtilsCodeGenerator, 5), + (TestTryCatchForFuncGenerator, 30), ], additionalProgramTemplates: WeightedList([]), 
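Review bot: The new `TestTryCatchForFuncGenerator` is documented only by `//testTryCatchForFunc`, which repeats the builtin name and does not say what the generator is for. A doc comment in the style of the `/// ArkTS Generators` line below it would serve better, for example `/// Passes an existing function to the testTryCatchForFunc prefix helper so that its body runs inside a try/catch.` The body also appears to mirror `RunNearStackLimitGenerator` with only the builtin name changed (just the tail of that generator is visible in this hunk), so a small shared helper taking the builtin name would keep the two from drifting apart.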
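Review bot: The catch branch of the added `testTryCatchForFunc` helper prints the constant `"123"`, which discards the caught exception and writes a line to the target's output every time a generated function throws. `runNearStackLimit` on the line above swallows with an empty `catch(e) {}`; if the print is a debugging leftover, `function testTryCatchForFunc(f){try { f(); } catch(e) {}}` would match it. If output is intended, something that identifies the exception is more useful to triage than a fixed string. The surrounding prefix string starts and ends outside the hunk.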
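Review bot: The weight changes in `additionalCodeGenerators` come with no rationale: `TestTryCatchForFuncGenerator` enters at 30, equal to `PrintGenerator` and six times `RunNearStackLimitGenerator`, while `ArkTSObjectInstanceGenerator` drops from 20 to 5. That shifts a large share of generation away from the ArkTS container types, which looks like tuning for one try/catch experiment rather than a default for every run of this profile. Consider a lower weight such as `(TestTryCatchForFuncGenerator, 5),` with the ArkTS weights left as they were, or a comment above the list recording why the distribution changed. The `Profile(` initializer begins and ends outside the hunk.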
diff --git a/trycatchtests/1.fzil b/trycatchtests/1.fzil new file mode 100644 index 0000000000000000000000000000000000000000..0ddba722504a7a77d88bab2d809ad9d85b5d579a GIT binary patch literal 292 zcmZ9_tq#I45CGuz+O6$vjO}=Xg-5{=9s-9Z2=o#RazT(u+5qqJ8TP@9$!0xH6tH6yK_b&H;g>wJY}R1I25*4$VCd86QTeiD+OA* zsq{{EY7jjC;e!UJsM5AXhBmxyW;=Rs3rm`gG}wsNW|%AY(5<@t5P6VEALU}XS&>G; lg0PV-F>-_`zTw=-Q7=W~YWOs6FMjRh-%hBvCjLAz~fDhw=C zu&giJzat0rp*dxN9t!Unx-_X3!B*|Z&$mmRRFUc^)|vd{3+1o({5pp9^6Oj8#q!-E zZK-feMh+G4IfB3vo(KS+FU=D$fB+|8AlV->h?3;hZ%^Ow&u6JMm^x}%;Yc(VPb5?6 zU9PDBu#BTA?g1XZ@a+b$V=XE+>7dUxu&iUsjc1Qu+|Q9Ko9nrfAY?9mykmqQ*sPRq zT&rBJuB^JG81fZQNZ}t{sbNrT7$e(RBIAfB3=o$}?kYyWM~0n_fpx91Qc$?wsAI^j z?$)8d)#zAn8~`7)PwZoiHZkM>GUNF^lebS26QpD&{ABQAW@55!>Qd0#Cin0$D40UQ z%a0#k3EF9D`Y0bZ;|U4ImG$~^qoxv|&&;+2Zs;}^n$>#Mt=_EAKTpq2cZEh*GpFdP MuJ}HB`Fl(I1I#Ugi~s-t literal 0 HcmV?d00001 diff --git a/trycatchtests/1test.js b/trycatchtests/1test.js new file mode 100644 index 0000000..7152b07 --- /dev/null +++ b/trycatchtests/1test.js @@ -0,0 +1,21 @@ +new Uint8Array(10); +new Uint8ClampedArray(128); +const v11 = new Int32Array(239); +const v14 = new Uint8Array(3695); +for (const v15 in v14) { + const v17 = [-514941.5156203632, 6.197615578418986, 892.1739646878298, 556.5417222356593, -1.0, NaN, -3.0, -1e-15]; + let v18 = 0; + try { + continue; + } catch (e19) { + //[...e19] = v17; + } finally { + try { + v11.reduceRight(-1000000000000.0, v17); + } catch (e) {} + } + while (Math.log2(11737), (-1068118312) ** v15, -1068118312 >> v15, v18 < 3) { + v17[Symbol.toPrimitive] = -1167271718; + v18++; + } +} \ No newline at end of file diff --git a/trycatchtests/1test2.js b/trycatchtests/1test2.js new file mode 100644 index 0000000..c4196a3 --- /dev/null +++ b/trycatchtests/1test2.js 
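Review bot: Nothing in `trycatchtests/1test.js` prints or asserts a result, so the script can only fail by crashing the engine, and a wrong but non-crashing try/catch/finally control flow would pass unnoticed. The same holds for the other scripts visible in this patch (`1test2.js`, `2.js`, `3.js`, `4.js`, `6.js`, `7.js`), and no file in the diffstat runs the directory. If these are meant as regression tests, end each with a check on the state it builds, for example `print(a);` at the end of `2.js` and `7.js` or `print(c);` in `6.js`, and record the expected output next to it. The commented-out `//[...e19] = v17;` in this file should either be restored or removed with a short note on why it was disabled.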
@@ -0,0 +1,29 @@ +let o1 = {} +for (let i = 0 ; i < 1; i++) { + const v1=[0] + try { + continue; + } catch(e19) { + [...o1] = v1 + } finally { + try { + o1[Math] + } catch (e) { + } + } +} + +let v = [] +for (const vv in v) { + const v2=[0] + try { + continue; + } catch(e19) { + [...o1] = v2 + } finally { + try { + o1[Math] + } catch (e) { + } + } +} diff --git a/trycatchtests/2.fzil b/trycatchtests/2.fzil new file mode 100644 index 0000000000000000000000000000000000000000..347c8b72b650d8171ff036f9badcf6c4c254aebb GIT binary patch literal 369 zcmYk2y>7xV5P^KJ@a4msACmw^9N_`GM2q95G6;IHu-C)d^k&%%{;3XLmo1<)rideBT-C*RQwavVQ&D(9bl>RwwdNiXK==>JtU2Z6HXals&-}kdSiDEvjfi zRG_?r57x`8p3b-$AZT+oV1W!uf5%U1&w&&Bov%ze@QQ#}Kt3jdtuM%;#8krrvvOlr zswFez0Zq)ThBe2mMI|$;J7&W%iyK0e)VF9xv*~QHrWk>qjwZrzz8nwdlfm+RHT;<5 oe$USDes}Zc(2Prm*4-g)wVgvdDIJoIbLjp%WV-k}eAyZC2Mhx+w*UYD literal 0 HcmV?d00001 diff --git a/trycatchtests/2.js b/trycatchtests/2.js new file mode 100644 index 0000000..22896a6 --- /dev/null +++ b/trycatchtests/2.js @@ -0,0 +1,19 @@ +let a = 1 + +try { + for (let i = 0; i < 1; i++) { + } +} catch(e) { +} +a = 2 + + +function Test() { + for (let v1 = 0; v1 < 5; v1++) { + } + try { ("bigint").localeCompare(); } catch (e) {} + for (let i = 0; i < 5; i++) { + } +} + +Test() \ No newline at end of file diff --git a/trycatchtests/3.fzil b/trycatchtests/3.fzil new file mode 100644 index 0000000000000000000000000000000000000000..aebbcd8d6c16bece03ecb2763345f10b78005b36 GIT binary patch literal 297 zcmX|*y-EW?6ou!`@6Op>vpW$VK=1(s1xp3nU?DbkAwQ621Dj3IHf2gXeFPf|J3CV- z1bl(u6ZjO~SuxGEE3ZP=CGvH=Y kHD?!f-M{BeS(MKlZxcCGS%!_}irJ`%itbLq!~Xy93yLx=CjbBd literal 0 HcmV?d00001 diff --git a/trycatchtests/3.js b/trycatchtests/3.js new file mode 100644 index 0000000..d2a35eb --- /dev/null +++ b/trycatchtests/3.js 
@@ -0,0 +1,17 @@ +const v16 =[1,2,3,4]; +try { + v16.indexOf(-1); +} catch (e) { +} + +const v3 = this?.constructor; +try { + new v45(a1, 2) +} catch (e) {} + +try { + const v1 = Uint8Array(); + try { v1.set(v1)} catch (e) {} +} catch (e3) { + +} \ No newline at end of file diff --git a/trycatchtests/4.fzil b/trycatchtests/4.fzil new file mode 100644 index 0000000000000000000000000000000000000000..0a98b2d225104dc368153edb614a2d7e41c9752d GIT binary patch literal 139 zcmd-QP_A9Z{Q8P#%@qA<-R=3|fkJFtj0~?B8HAWGF*68paxpP5zG7tJU=(6I#l+0T zm?Ff-#mdCY!pioEk%fzigGGqBiHkvqm5Y&Gi9v{qi;0PS5(`)z&>W5~pcL~g5b+CU aA~zQsBLgD?1LrO_1|cwqlaql9$N>NmTol0o literal 0 HcmV?d00001 diff --git a/trycatchtests/4.js b/trycatchtests/4.js new file mode 100644 index 0000000..57146f4 --- /dev/null +++ b/trycatchtests/4.js @@ -0,0 +1,12 @@ +class C0 {} + +class C1 extends C0 { + static d; + constructor(a3, a4, a5, a6) { + try { + this.d = 0; + } catch(e7) {} + } +} +const v8 = new C1(C0, C1, C0,C0) +new C1(C0, v8, v8, C0) \ No newline at end of file diff --git a/trycatchtests/5.fzil b/trycatchtests/5.fzil new file mode 100644 index 0000000000000000000000000000000000000000..fe7defc89f1e6a4d1388c36717a1aac6842dce08 GIT binary patch literal 199 zcmd-QU<&P@9cS4)$u`vJuCFvHelwO`le1|2Jsx_kP z>AKrqd2ldekZ(RGAF{g%HaG6bPkBdDSa;*9CJ6GrL<2dDCgdpoM~;($JR4z5PW#ZX Yh9$^ybjTkJvc?W}KSF*gM1IafA6r)^@Bjb+ literal 0 HcmV?d00001 diff --git a/trycatchtests/6.js b/trycatchtests/6.js new file mode 100644 index 0000000..deb9352 --- /dev/null +++ b/trycatchtests/6.js @@ -0,0 +1,27 @@ +class C1 { + constructor(a3) { + const v8 = a3.proto; + try { + try { + v8(); + } catch (e) { + } + } catch(e17) { + } + } +} +new C1(1073741824); +let c = 0; +class C2 { + constructor(a3) { + const v8 = a3.proto; + try { + try { v8(); } catch (e) { + } + } catch(e17) { + } finally { + c = 2 + } + } +} +new C2(1073741824); \ No newline at end of file diff --git a/trycatchtests/7.js b/trycatchtests/7.js new file mode 100644 index 0000000..f8b234a 
--- /dev/null
+++ b/trycatchtests/7.js
@@ -0,0 +1,47 @@
+let a = 0;
+
+try {
+ let n = 1
+ switch (n) {
+ case 1:
+ a = 1;
+ break;
+ case 2:
+ a = 2;
+ break;
+ default:
+ a = 3
+ }
+} catch (e) {
+}
+
+a= 4
+
+try {
+ let n = 1
+ switch (n) {
+ case 4:
+ case 1:
+ a = 1;
+ for (let i = 0; i < 10; i++) {
+ try{
+ if (i < 5) {
+ continue;
+ }
+ } catch(e) {
+ }
+ }
+ a++
+ case 2:
+ a = 2;
+ break;
+ case 3:
+ a = 4;
+ break;
+ default:
+ a = 3;
+ }
+} catch (e) {
+}
+
+a =5
\ No newline at end of file
-- Gitee