Move TextEncoder type information to Profile

Summary: Original Author: [email protected] Original Git: 5e22aeb Original Reviewed By: werew Original Revision: D54571292 For easier maintenance when pulling in future changes from upstream Related PR: googleprojectzero/fuzzilli#419 Reviewed By: neildhar Differential Revision: D58849769 fbshipit-source-id: 02ea7874d8cbdafc07a54499ca731f4620d58dc1
facebook · Jun 24, 2024 · efca344 · efca344
1 parent fc58ce5
commit efca344
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/tools/fuzzers/fuzzilli/profile/HermesProfile.swift b/tools/fuzzers/fuzzilli/profile/HermesProfile.swift
@@ -7,6 +7,8 @@
 
 import Fuzzilli
 
+let TextEncoderConstructor = ILType.object(ofGroup: "TextEncoder", withProperties: ["encoding"], withMethods: ["encodeInto", "encode"])
+
 let hermesProfile = Profile(
     processArgs:  { randomize in
       var args = ["--reprl"]
@@ -65,14 +67,27 @@ let hermesProfile = Profile(
         "HermesInternal.getRuntimeProperties"            : .function([] => .object(ofGroup: "Object", withProperties: ["Snapshot VM", "Bytecode Version", "Builtins Frozen", "VM Experiments", "Build", "GC", "OSS Release Version", "Debugger Enabled", "CommonJS Modules"])),
         "HermesInternal.ttiReached"                      : .function([] => .undefined),
         "HermesInternal.getFunctionLocation"             : .function([.plain(.function())] => .object(ofGroup: "Object", withProperties: ["isNative", "lineNumber", "columnNumber", "fileName"])),
+        "TextEncoder"                                    : TextEncoderConstructor,
 
         // The methods below are disabled since they are not very interesting to fuzz
         // "HermesInternal.hasPromise"                   : .function([] => .boolean),
         // "HermesInternal.useEngineQueue"               : .function([] => .boolean),
         // "HermesInternal.ttrcReached"                  : .function([] => .undefined),
     ],
 
-    additionalObjectGroups: [],
+    additionalObjectGroups: [
+        ObjectGroup(
+            name: "TextEncoder",
+            instanceType: TextEncoderConstructor,
+            properties: [
+                "encoding"      : .jsString,
+            ],
+            methods: [
+                "encodeInto"    : [.string] => .jsTypedArray("Uint8Array"),
+                //TODO(edq) encode signature should be [.string, .jsTypedArray("Uint8Array")], but currently there seems to be no way to express Uint8Array as a JSType in Fuzzilli
+                "encode"        : [.string, .iterable] => .object(),
+            ]),
+    ],
 
     optionalPostProcessor: nil
 )