Move TextEncoder type information to Profile

Summary: For easier maintenance when pulling in future changes from upstream Related PR: googleprojectzero/fuzzilli#419 Reviewed By: werew Differential Revision: D54571292 fbshipit-source-id: 763b8ae1ae11aa458bd0b432f67640e0c1ab7668
facebook · Apr 20, 2024 · 5e22aeb · 5e22aeb
1 parent ba6f299
commit 5e22aeb
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/tools/fuzzers/fuzzilli/profile/HermesProfile.swift b/tools/fuzzers/fuzzilli/profile/HermesProfile.swift
@@ -7,6 +7,8 @@
 
 import Fuzzilli
 
+let TextEncoderConstructor = ILType.object(ofGroup: "TextEncoder", withProperties: ["encoding"], withMethods: ["encodeInto", "encode"])
+
 let hermesProfile = Profile(
     processArgs:  { randomize in
       var args = ["--reprl"]
@@ -65,14 +67,27 @@ let hermesProfile = Profile(
         "HermesInternal.getRuntimeProperties"            : .function([] => .object(ofGroup: "Object", withProperties: ["Snapshot VM", "Bytecode Version", "Builtins Frozen", "VM Experiments", "Build", "GC", "OSS Release Version", "Debugger Enabled", "CommonJS Modules"])),
         "HermesInternal.ttiReached"                      : .function([] => .undefined),
         "HermesInternal.getFunctionLocation"             : .function([.plain(.function())] => .object(ofGroup: "Object", withProperties: ["isNative", "lineNumber", "columnNumber", "fileName"])),
+        "TextEncoder"                                    : TextEncoderConstructor,
 
         // The methods below are disabled since they are not very interesting to fuzz
         // "HermesInternal.hasPromise"                   : .function([] => .boolean),
         // "HermesInternal.useEngineQueue"               : .function([] => .boolean),
         // "HermesInternal.ttrcReached"                  : .function([] => .undefined),
     ],
 
-    additionalObjectGroups: [],
+    additionalObjectGroups: [
+        ObjectGroup(
+            name: "TextEncoder",
+            instanceType: TextEncoderConstructor,
+            properties: [
+                "encoding"      : .jsString,
+            ],
+            methods: [
+                "encodeInto"    : [.string] => .jsTypedArray("Uint8Array"),
+                //TODO(edq) encode signature should be [.string, .jsTypedArray("Uint8Array")], but currently there seems to be no way to express Uint8Array as a JSType in Fuzzilli
+                "encode"        : [.string, .iterable] => .object(),
+            ]),
+    ],
 
     optionalPostProcessor: nil
 )