Mercurial > hg
annotate contrib/fuzz/bdiff.cc @ 35670:2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
I'd like to get the majority of our C code covered by automated fuzz
testing. I've started with bdiff because it was already decoupled from
libpython and therefore was fairly quick to produce a working
fuzzer. The code here is a little odd because I've been having trouble
convincing libfuzzer to define a main and I threw in the towel.
This code will also work with github.com/google/oss-fuzz, and once it
lands in our main repo I intend to enable automated fuzzing in
oss-fuzz with reports going to our security alias.
Differential Revision: https://phab.mercurial-scm.org/D1875
| author | Augie Fackler <augie@google.com> |
|---|---|
| date | Wed, 17 Jan 2018 15:47:38 -0500 |
| parents | |
| children | fa0ddd5e8fff |
| rev | line source |
|---|---|
|
35670
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
1 /* |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
2 * bdiff.cc - fuzzer harness for bdiff.c |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
3 * |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
4 * Copyright 2018, Google Inc. |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
5 * |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
6 * This software may be used and distributed according to the terms of |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
7 * the GNU General Public License, incorporated herein by reference. |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
8 */ |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
9 #include <stdlib.h> |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
10 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
11 extern "C" { |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
12 #include "bdiff.h" |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
13 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
14 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
15 { |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
16 if (!Size) { |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
17 return 0; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
18 } |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
19 // figure out a random point in [0, Size] to split our input. |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
20 size_t split = Data[0] / 255.0 * Size; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
21 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
22 // left input to diff is data[1:split] |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
23 const uint8_t *left = Data + 1; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
24 // which has len split-1 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
25 size_t left_size = split - 1; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
26 // right starts at the next byte after left ends |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
27 const uint8_t *right = left + left_size; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
28 size_t right_size = Size - split; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
29 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
30 struct bdiff_line *a, *b; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
31 int an = bdiff_splitlines((const char *)left, split - 1, &a); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
32 int bn = bdiff_splitlines((const char *)right, right_size, &b); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
33 struct bdiff_hunk l; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
34 bdiff_diff(a, an, b, bn, &l); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
35 free(a); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
36 free(b); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
37 bdiff_freehunks(l.next); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
38 return 0; // Non-zero return values are reserved for future use. |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
39 } |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
40 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
41 #ifdef HG_FUZZER_INCLUDE_MAIN |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
42 int main(int argc, char **argv) |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
43 { |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
44 const char data[] = "asdf"; |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
45 return LLVMFuzzerTestOneInput((const uint8_t *)data, 4); |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
46 } |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
47 #endif |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
48 |
|
2b9e2415f5b5
contrib: add some basic scaffolding for some fuzz test targets
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
49 } // extern "C" |