From 4ad13555184eb0697c2e92c64c1b0bdb287ccc10 Mon Sep 17 00:00:00 2001
From: Romain Baugue <romain.baugue@elwinar.com>
Date: Tue, 30 Apr 2019 13:51:05 +0200
Subject: [PATCH] html: add a Fuzz function

Adds a sample Fuzz test function to package html based on
https://github.com/dvyukov/go-fuzz-corpus/blob/master/stdhtml/main.go

Updates #19109
Updates #31309

Change-Id: I8c49fff8f70fc8a8813daf1abf0044752003adbb
Reviewed-on: https://go-review.googlesource.com/c/go/+/174301
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
---
 src/html/fuzz.go | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 src/html/fuzz.go

diff --git a/src/html/fuzz.go b/src/html/fuzz.go
new file mode 100644
index 0000000000000..ffa3e257f4052
--- /dev/null
+++ b/src/html/fuzz.go
@@ -0,0 +1,31 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build gofuzz
+
+package html
+
+import (
+	"fmt"
+)
+
+func Fuzz(data []byte) int {
+	v := string(data)
+
+	e := EscapeString(v)
+	u := UnescapeString(e)
+	if v != u {
+		fmt.Printf("v = %q\n", v)
+		fmt.Printf("e = %q\n", e)
+		fmt.Printf("u = %q\n", u)
+		panic("not equal")
+	}
+
+	// As per the documentation, this isn't always equal to v, so it makes
+	// no sense to check for equality. It can still be interesting to find
+	// panics in it though.
+	EscapeString(UnescapeString(v))
+
+	return 0
+}