changeset 43615:6f5c352f41b6
fuzz: clean out most of fuzzutil
It's now a header-only setup that just selects absl:: or std::
versions of things as needed, and a logging helper. There's some room
for future cleanups here: we could move to just requiring a C++17
compiler and get rid of the absl stuff. Also, the mpatch parser does a
fair amount of parsing the input string into char* blocks, which we can
and probably should fix up to use FuzzedDataProvider as well.
Differential Revision: https://phab.mercurial-scm.org/D7370
author | Augie Fackler <augie@google.com> |
---|---|
date | Mon, 11 Nov 2019 16:45:22 -0500 |
parents | 78df32a8b6f4 |
children | 92bb5bacd807 |
files | contrib/fuzz/Makefile contrib/fuzz/fuzzutil.cc contrib/fuzz/fuzzutil.h |
diffstat | 3 files changed, 12 insertions(+), 58 deletions(-) [+] |
--- a/contrib/fuzz/Makefile Mon Nov 11 16:37:18 2019 -0500 +++ b/contrib/fuzz/Makefile Mon Nov 11 16:45:22 2019 -0500 @@ -3,15 +3,6 @@ all: bdiff mpatch xdiff -fuzzutil.o: fuzzutil.cc fuzzutil.h - $(CXX) $(CXXFLAGS) -g -O1 \ - -std=c++17 \ - -I../../mercurial -c -o fuzzutil.o fuzzutil.cc - -fuzzutil-oss-fuzz.o: fuzzutil.cc fuzzutil.h - $(CXX) $(CXXFLAGS) -std=c++17 \ - -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc - pyutil.o: pyutil.cc pyutil.h $(CXX) $(CXXFLAGS) -g -O1 \ `$$OUT/sanpy/bin/python-config --cflags` \ @@ -21,17 +12,17 @@ $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \ ../../mercurial/bdiff.c -bdiff: bdiff.cc bdiff.o fuzzutil.o +bdiff: bdiff.cc bdiff.o $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ -std=c++17 \ - -I../../mercurial bdiff.cc bdiff.o fuzzutil.o -o bdiff + -I../../mercurial bdiff.cc bdiff.o -o bdiff bdiff-oss-fuzz.o: ../../mercurial/bdiff.c $(CC) $(CFLAGS) -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c -bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o +bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial bdiff.cc \ - bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \ + bdiff-oss-fuzz.o -lFuzzingEngine -o \ $$OUT/bdiff_fuzzer mpatch.o: ../../mercurial/mpatch.c 
@@ -39,16 +30,16 @@ ../../mercurial/mpatch.c mpatch: CXXFLAGS += -std=c++17 -mpatch: mpatch.cc mpatch.o fuzzutil.o +mpatch: mpatch.cc mpatch.o $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ - -I../../mercurial mpatch.cc mpatch.o fuzzutil.o -o mpatch + -I../../mercurial mpatch.cc mpatch.o -o mpatch mpatch-oss-fuzz.o: ../../mercurial/mpatch.c $(CC) $(CFLAGS) -c -o mpatch-oss-fuzz.o ../../mercurial/mpatch.c -mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o +mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial mpatch.cc \ - mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \ + mpatch-oss-fuzz.o -lFuzzingEngine -o \ $$OUT/mpatch_fuzzer mpatch_corpus.zip: @@ -60,19 +51,19 @@ $< xdiff: CXXFLAGS += -std=c++17 -xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o fuzzutil.o +xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ -I../../mercurial xdiff.cc \ - xdiffi.o xprepare.o xutils.o fuzzutil.o -o xdiff + xdiffi.o xprepare.o xutils.o -o xdiff fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h $(CC) $(CFLAGS) -c \ -o $@ \ $< -xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o +xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial xdiff.cc \ - fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o \ + fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o \ -lFuzzingEngine -o $$OUT/xdiff_fuzzer manifest.o: ../../mercurial/cext/manifest.c
--- a/contrib/fuzz/fuzzutil.cc Mon Nov 11 16:37:18 2019 -0500
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-#include "fuzzutil.h"
-
-#include <cstring>
-#include <utility>
-
-contrib::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size)
-{
- if (!Size) {
- return contrib::nullopt;
- }
- // figure out a random point in [0, Size] to split our input.
- size_t left_size = (Data[0] / 255.0) * (Size - 1);
-
- // Copy inputs to new allocations so if bdiff over-reads
- // AddressSanitizer can detect it.
- std::unique_ptr<char[]> left(new char[left_size]);
- std::memcpy(left.get(), Data + 1, left_size);
- // right starts at the next byte after left ends
- size_t right_size = Size - (left_size + 1);
- std::unique_ptr<char[]> right(new char[right_size]);
- std::memcpy(right.get(), Data + 1 + left_size, right_size);
- LOG(2) << "inputs are " << left_size << " and " << right_size
- << " bytes" << std::endl;
- two_inputs result = {std::move(right), right_size, std::move(left),
- left_size};
- return result;
-}
--- a/contrib/fuzz/fuzzutil.h Mon Nov 11 16:37:18 2019 -0500
+++ b/contrib/fuzz/fuzzutil.h Mon Nov 11 16:45:22 2019 -0500
@@ -34,14 +34,4 @@
 if (level <= DEBUG) \
 std::cout
 
-struct two_inputs {
- std::unique_ptr<char[]> right;
- size_t right_size;
- std::unique_ptr<char[]> left;
- size_t left_size;
-};
-
-/* Split a non-zero-length input into two inputs. */
-contrib::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size);
-
 #endif /* CONTRIB_FUZZ_FUZZUTIL_H */