Add fuzzers for validity of greased Attribution Reporting headers

Change-Id: I2ceffc80848ed8f52fbe36c93c068a229586e15d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6276306
Reviewed-by: Colin Blundell <blundell@chromium.org>
Reviewed-by: Nan Lin <linnan@chromium.org>
Commit-Queue: Andrew Paseltiner <apaseltiner@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1421402}

services/BUILD.gn

@@ -37,6 +37,11 @@ test("services_unittests") {
     "//services/test:run_all_unittests",
   ]
 
+  fuzztests = [
+    "GetAttributionSupportHeader.IsSupportValid",
+    "SerializeAttributionReportingEligibleHeader.IsEligibleValid",
+  ]
+
   data_deps = [ "//testing/buildbot/filters:services_unittests_filters" ]
 
   if (use_blink) {

services/network/DEPS

@@ -28,6 +28,7 @@ include_rules = [
   "+services/service_manager/public",
   "+third_party/boringssl/src/include",
   "+third_party/boringssl/src/pki",
+  "+third_party/fuzztest",
   "+url",
 ]
 

services/network/attribution/BUILD.gn

@@ -44,6 +44,7 @@ source_set("tests") {
     "//services/network/public/cpp",
     "//services/network/public/mojom",
     "//testing/gtest",
+    "//third_party/fuzztest",
     "//url",
   ]
 }

services/network/attribution/request_headers_internal_unittest.cc

@@ -14,6 +14,7 @@
 #include "net/http/structured_headers.h"
 #include "services/network/public/mojom/attribution.mojom.h"
 #include "testing/gtest/include/gtest/gtest.h"
+#include "third_party/fuzztest/src/fuzztest/fuzztest.h"
 
 namespace network {
 
@@ -585,5 +586,53 @@ TEST(AttributionRequestHeadersTest, Greases_AdAuctionRegistrationEligible) {
   }
 }
 
+// Ensure that any support and any grease bits combine to produce a valid
+// structured header dictionary.
+void IsSupportValid(const mojom::AttributionSupport support,
+                    const uint8_t grease_bits) {
+  const auto grease_options =
+      AttributionReportingHeaderGreaseOptions::FromBits(grease_bits);
+
+  const std::string actual =
+      GetAttributionSupportHeader(support, grease_options);
+
+  auto dict = net::structured_headers::ParseDictionary(actual);
+  EXPECT_TRUE(dict.has_value());
+}
+
+FUZZ_TEST(GetAttributionSupportHeader, IsSupportValid)
+    .WithDomains(fuzztest::ElementOf<mojom::AttributionSupport>({
+                     mojom::AttributionSupport::kWeb,
+                     mojom::AttributionSupport::kWebAndOs,
+                     mojom::AttributionSupport::kOs,
+                     mojom::AttributionSupport::kNone,
+                 }),
+                 fuzztest::Arbitrary<uint8_t>());
+
+// Ensure that any eligibility and any grease bits combine to produce a valid
+// structured header dictionary.
+void IsEligibleValid(const mojom::AttributionReportingEligibility eligibility,
+                     const uint8_t grease_bits) {
+  const auto grease_options =
+      AttributionReportingHeaderGreaseOptions::FromBits(grease_bits);
+
+  const std::string actual =
+      SerializeAttributionReportingEligibleHeader(eligibility, grease_options);
+
+  auto dict = net::structured_headers::ParseDictionary(actual);
+  EXPECT_TRUE(dict.has_value());
+}
+
+FUZZ_TEST(SerializeAttributionReportingEligibleHeader, IsEligibleValid)
+    .WithDomains(
+        fuzztest::ElementOf<mojom::AttributionReportingEligibility>({
+            mojom::AttributionReportingEligibility::kEmpty,
+            mojom::AttributionReportingEligibility::kEventSource,
+            mojom::AttributionReportingEligibility::kNavigationSource,
+            mojom::AttributionReportingEligibility::kTrigger,
+            mojom::AttributionReportingEligibility::kEventSourceOrTrigger,
+        }),
+        fuzztest::Arbitrary<uint8_t>());
+
 }  // namespace
 }  // namespace network