From 4700034fa5cff87833713b72ca0ba239997ac583 Mon Sep 17 00:00:00 2001
From: Alexander Saltanov
Date: Fri, 28 Oct 2022 13:22:35 +0300
Subject: [PATCH] Make fuzzing to compile and run
---
 fuzz/.gitignore | 2 +-
 fuzz/Cargo.toml | 11 +++++++----
 fuzz/README.md | 7 +++++++
 fuzz/fuzz_targets/fuzz_target_1.rs | 18 ++++++++++--------
 4 files changed, 25 insertions(+), 13 deletions(-)
 create mode 100644 fuzz/README.md
diff --git a/fuzz/.gitignore b/fuzz/.gitignore
index 572e03bd..1a45eee7 100644
--- a/fuzz/.gitignore
+++ b/fuzz/.gitignore
@@ -1,4 +1,4 @@
-
 target
 corpus
 artifacts
+coverage
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
index b24211f8..93d6d5e3 100644
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -1,17 +1,18 @@
-
 [package]
 name = "quick-xml-fuzz"
-version = "0.0.1"
+version = "0.0.0"
 authors = ["Automatically generated"]
 publish = false
+edition = "2018"
 [package.metadata]
 cargo-fuzz = true
+[dependencies]
+libfuzzer-sys = "0.4"
+
 [dependencies.quick-xml]
 path = ".."
-[dependencies.libfuzzer-sys]
-git = "https://github.com/rust-fuzz/libfuzzer-sys.git"
 # Prevent this from interfering with workspaces
 [workspace]
@@ -20,3 +21,5 @@ members = ["."]
 [[bin]]
 name = "fuzz_target_1"
 path = "fuzz_targets/fuzz_target_1.rs"
+test = false
+doc = false
diff --git a/fuzz/README.md b/fuzz/README.md
new file mode 100644
index 00000000..ca9139b5
--- /dev/null
+++ b/fuzz/README.md
@@ -0,0 +1,7 @@
+Run fuzzing with `-O` to avoid false positives at `debug_assert!`, e.g.:
+
+```bash
+cargo fuzz run -O -j4 fuzz_target_1
+```
+
+See also: https://github.com/rust-fuzz/cargo-fuzz
diff --git a/fuzz/fuzz_targets/fuzz_target_1.rs b/fuzz/fuzz_targets/fuzz_target_1.rs
index b7d0640e..1588411d 100644
--- a/fuzz/fuzz_targets/fuzz_target_1.rs
+++ b/fuzz/fuzz_targets/fuzz_target_1.rs
@@ -1,5 +1,5 @@
 #![no_main]
-#[macro_use] extern crate libfuzzer_sys;
+use libfuzzer_sys::fuzz_target;
 use quick_xml::events::Event;
 use quick_xml::reader::Reader;
@@ -12,20 +12,22 @@ fuzz_target!(|data: &[u8]| {
 let mut buf = vec![];
 loop {
 match reader.read_event_into(&mut buf) {
- Ok(Event::Start(ref e)) | Ok(Event::Empty(ref e))=> {
- if e.unescaped().is_err() {
- break;
- }
+ Ok(Event::Start(ref e)) | Ok(Event::Empty(ref e)) => {
 for a in e.attributes() {
- if a.ok().map_or(false, |a| a.unescaped_value().is_err()) {
+ if a.ok().map_or(false, |a| a.unescape_value().is_err()) {
 break;
 }
 }
 }
 Ok(Event::Text(ref e)) | Ok(Event::Comment(ref e))
- | Ok(Event::CData(ref e)) | Ok(Event::PI(ref e))
+ | Ok(Event::PI(ref e))
 | Ok(Event::DocType(ref e)) => {
- if e.unescaped().is_err() {
+ if e.unescape().is_err() {
+ break;
+ }
+ }
+ Ok(Event::CData(e)) => {
+ if e.escape().is_err() {
 break;
 }
 }
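Review bot: In the `Start`/`Empty` arm the `break` under `a.unescape_value().is_err()` only leaves `for a in e.attributes()`, while the `break` in the `Text`/`DocType` and `CData` arms leaves the outer `loop`, so a bad attribute value keeps the run going and a bad text node ends it. `a.ok()` also turns an attribute parse error into `false`, so that case gets no reaction at all. If stopping on the first error is the intent, label the outer loop and use a labelled `break` in the attribute branch; if the goal is only to exercise the decoder, state it in a comment such as `// errors are expected on fuzz input; only panics and hangs matter` and apply one policy in every arm. The `fuzz_target!` closure and the `loop` both start and end outside this hunk, so the label would go on a line not shown here.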