Mercurial > hg
view contrib/fuzz/standalone_fuzz_target_runner.cc @ 52019:a47f09da8bd1
stream: prefer keeping an open file handle to volatile file instead of copy
We will still do copy if too many file handle are open. Currently, have less
than 10 volatile files in typical usage, so we should be fine.
See inline documentation for details.
| author | Pierre-Yves David <pierre-yves.david@octobus.net> |
|---|---|
| date | Tue, 01 Oct 2024 16:07:51 +0200 |
| parents | e137338e926b |
| children |
line wrap: on
line source
// Copyright 2017 Google Inc. All Rights Reserved. // Licensed under the Apache License, Version 2.0 (the "License"); // Example of a standalone runner for "fuzz targets". // It reads all files passed as parameters and feeds their contents // one by one into the fuzz target (LLVMFuzzerTestOneInput). // This runner does not do any fuzzing, but allows us to run the fuzz target // on the test corpus (e.g. "do_stuff_test_data") or on a single file, // e.g. the one that comes from a bug report. #include <cassert> #include <fstream> #include <iostream> #include <vector> // Forward declare the "fuzz target" interface. // We deliberately keep this inteface simple and header-free. extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); int main(int argc, char **argv) { LLVMFuzzerInitialize(&argc, &argv); for (int i = 1; i < argc; i++) { std::ifstream in(argv[i]); in.seekg(0, in.end); size_t length = in.tellg(); in.seekg(0, in.beg); std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl; // Allocate exactly length bytes so that we reliably catch // buffer overflows. std::vector<char> bytes(length); in.read(bytes.data(), bytes.size()); assert(in); LLVMFuzzerTestOneInput( reinterpret_cast<const uint8_t *>(bytes.data()), bytes.size()); std::cout << "Execution successful" << std::endl; } return 0; } // no-check-code since this is from a third party