Mercurial > hg
view contrib/fuzz/standalone_fuzz_target_runner.cc @ 45090:0ecb3b11fcad
rebase: correctly check for empty commit in in-memory mode
The new code has a small overhead in the empty commit case, as a `memctx` object
is always created, but I don’t think it’s justified here to duplicate code
to optimize a relatively unlikely code path.
Differential Revision: https://phab.mercurial-scm.org/D8732
| author | Manuel Jacob <me@manueljacob.de> |
|---|---|
| date | Sat, 11 Jul 2020 03:10:23 +0200 |
| parents | e137338e926b |
| children |
line wrap: on
line source
// Copyright 2017 Google Inc. All Rights Reserved. // Licensed under the Apache License, Version 2.0 (the "License"); // Example of a standalone runner for "fuzz targets". // It reads all files passed as parameters and feeds their contents // one by one into the fuzz target (LLVMFuzzerTestOneInput). // This runner does not do any fuzzing, but allows us to run the fuzz target // on the test corpus (e.g. "do_stuff_test_data") or on a single file, // e.g. the one that comes from a bug report. #include <cassert> #include <fstream> #include <iostream> #include <vector> // Forward declare the "fuzz target" interface. // We deliberately keep this inteface simple and header-free. extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); int main(int argc, char **argv) { LLVMFuzzerInitialize(&argc, &argv); for (int i = 1; i < argc; i++) { std::ifstream in(argv[i]); in.seekg(0, in.end); size_t length = in.tellg(); in.seekg(0, in.beg); std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl; // Allocate exactly length bytes so that we reliably catch // buffer overflows. std::vector<char> bytes(length); in.read(bytes.data(), bytes.size()); assert(in); LLVMFuzzerTestOneInput( reinterpret_cast<const uint8_t *>(bytes.data()), bytes.size()); std::cout << "Execution successful" << std::endl; } return 0; } // no-check-code since this is from a third party