##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

fuzz: extract some common utilities and use modern C++ idioms...
Augie Fackler -
r38191:fa0ddd5e default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,26 b''
1 #include "fuzzutil.h"
2
3 #include <utility>
4
5 std::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size)
6 {
7 if (!Size) {
8 return std::nullopt;
9 }
10 // figure out a random point in [0, Size] to split our input.
11 size_t left_size = (Data[0] / 255.0) * (Size - 1);
12
13 // Copy inputs to new allocations so if bdiff over-reads
14 // AddressSanitizer can detect it.
15 std::unique_ptr<char[]> left(new char[left_size]);
16 memcpy(left.get(), Data + 1, left_size);
17 // right starts at the next byte after left ends
18 size_t right_size = Size - (left_size + 1);
19 std::unique_ptr<char[]> right(new char[right_size]);
20 memcpy(right.get(), Data + 1 + left_size, right_size);
21 LOG(2) << "inputs are " << left_size << " and " << right_size
22 << " bytes" << std::endl;
23 two_inputs result = {std::move(right), right_size, std::move(left),
24 left_size};
25 return result;
26 }
Show file before | Show file after | Hide comments
@@ -0,0 +1,24 b''
1 #ifndef CONTRIB_FUZZ_FUZZUTIL_H
2 #define CONTRIB_FUZZ_FUZZUTIL_H
3 #include <iostream>
4 #include <memory>
5 #include <optional>
6 #include <stdint.h>
7
8 /* set DEBUG to 1 for a few debugging prints, or 2 for a lot */
9 #define DEBUG 0
10 #define LOG(level) \
11 if (level <= DEBUG) \
12 std::cout
13
14 struct two_inputs {
15 std::unique_ptr<char[]> right;
16 size_t right_size;
17 std::unique_ptr<char[]> left;
18 size_t left_size;
19 };
20
21 /* Split a non-zero-length input into two inputs. */
22 std::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size);
23
24 #endif /* CONTRIB_FUZZ_FUZZUTIL_H */
Show file before | Show file after | Hide comments
@@ -1,36 +1,42 b''
1 fuzzutil.o: fuzzutil.cc fuzzutil.h
2 $$CXX $$CXXFLAGS -g -O1 -fsanitize=fuzzer-no-link,address \
3 -std=c++17 \
4 -I../../mercurial -c -o fuzzutil.o fuzzutil.cc
5
1 bdiff.o: ../../mercurial/bdiff.c
6 bdiff.o: ../../mercurial/bdiff.c
2 clang -g -O1 -fsanitize=fuzzer-no-link,address -c -o bdiff.o \
7 $$CC $$CFLAGS -fsanitize=fuzzer-no-link,address -c -o bdiff.o \
3 ../../mercurial/bdiff.c
8 ../../mercurial/bdiff.c
4
9
5 bdiff: bdiff.cc bdiff.o
10 bdiff: bdiff.cc bdiff.o fuzzutil.o
6 clang -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
11 $$CXX $$CXXFLAGS -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
7 -I../../mercurial bdiff.cc bdiff.o -o bdiff
12 -std=c++17 \
13 -I../../mercurial bdiff.cc bdiff.o fuzzutil.o -o bdiff
8
14
9 bdiff-oss-fuzz.o: ../../mercurial/bdiff.c
15 bdiff-oss-fuzz.o: ../../mercurial/bdiff.c
10 $$CC $$CFLAGS -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c
16 $$CC $$CFLAGS -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c
11
17
12 bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o
18 bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil.o
13 $$CXX $$CXXFLAGS -std=c++11 -I../../mercurial bdiff.cc \
19 $$CXX $$CXXFLAGS -std=c++17 -I../../mercurial bdiff.cc \
14 bdiff-oss-fuzz.o -lFuzzingEngine -o $$OUT/bdiff_fuzzer
20 bdiff-oss-fuzz.o fuzzutil.o -lFuzzingEngine -o $$OUT/bdiff_fuzzer
15
21
16 x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
22 x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
17 clang -g -O1 -fsanitize=fuzzer-no-link,address -c \
23 $$CC -g -O1 -fsanitize=fuzzer-no-link,address -c \
18 -o $@ \
24 -o $@ \
19 $<
25 $<
20
26
21 xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o
27 xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o fuzzutil.o
22 clang -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
28 $$CXX $$CXXFLAGS -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
23 -I../../mercurial xdiff.cc \
29 -I../../mercurial xdiff.cc \
24 xdiffi.o xprepare.o xutils.o -o xdiff
30 xdiffi.o xprepare.o xutils.o fuzzutil.o -o xdiff
25
31
26 fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
32 fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
27 $$CC $$CFLAGS -c \
33 $$CC $$CFLAGS -c \
28 -o $@ \
34 -o $@ \
29 $<
35 $<
30
36
31 xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o
37 xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil.o
32 $$CXX $$CXXFLAGS -std=c++11 -I../../mercurial xdiff.cc \
38 $$CXX $$CXXFLAGS -std=c++17 -I../../mercurial xdiff.cc \
33 fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o \
39 fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil.o \
34 -lFuzzingEngine -o $$OUT/xdiff_fuzzer
40 -lFuzzingEngine -o $$OUT/xdiff_fuzzer
35
41
36 all: bdiff xdiff
42 all: bdiff xdiff
Show file before | Show file after | Hide comments
@@ -6,30 +6,25 b''
6 * This software may be used and distributed according to the terms of
6 * This software may be used and distributed according to the terms of
7 * the GNU General Public License, incorporated herein by reference.
7 * the GNU General Public License, incorporated herein by reference.
8 */
8 */
9 #include <memory>
9 #include <stdlib.h>
10 #include <stdlib.h>
10
11
12 #include "fuzzutil.h"
13
11 extern "C" {
14 extern "C" {
12 #include "bdiff.h"
15 #include "bdiff.h"
13
16
14 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
17 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
15 {
18 {
16 if (!Size) {
19 auto maybe_inputs = SplitInputs(Data, Size);
20 if (!maybe_inputs) {
17 return 0;
21 return 0;
18 }
22 }
19 // figure out a random point in [0, Size] to split our input.
23 auto inputs = std::move(maybe_inputs.value());
20 size_t split = Data[0] / 255.0 * Size;
21
22 // left input to diff is data[1:split]
23 const uint8_t *left = Data + 1;
24 // which has len split-1
25 size_t left_size = split - 1;
26 // right starts at the next byte after left ends
27 const uint8_t *right = left + left_size;
28 size_t right_size = Size - split;
29
24
30 struct bdiff_line *a, *b;
25 struct bdiff_line *a, *b;
31 int an = bdiff_splitlines((const char *)left, split - 1, &a);
26 int an = bdiff_splitlines(inputs.left.get(), inputs.left_size, &a);
32 int bn = bdiff_splitlines((const char *)right, right_size, &b);
27 int bn = bdiff_splitlines(inputs.right.get(), inputs.right_size, &b);
33 struct bdiff_hunk l;
28 struct bdiff_hunk l;
34 bdiff_diff(a, an, b, bn, &l);
29 bdiff_diff(a, an, b, bn, &l);
35 free(a);
30 free(a);
Show file before | Show file after | Hide comments
@@ -10,6 +10,8 b''
10 #include <inttypes.h>
10 #include <inttypes.h>
11 #include <stdlib.h>
11 #include <stdlib.h>
12
12
13 #include "fuzzutil.h"
14
13 extern "C" {
15 extern "C" {
14
16
15 int hunk_consumer(long a1, long a2, long b1, long b2, void *priv)
17 int hunk_consumer(long a1, long a2, long b1, long b2, void *priv)
@@ -20,21 +22,17 b' int hunk_consumer(long a1, long a2, long'
20
22
21 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
23 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
22 {
24 {
23 if (!Size) {
25 auto maybe_inputs = SplitInputs(Data, Size);
26 if (!maybe_inputs) {
24 return 0;
27 return 0;
25 }
28 }
26 // figure out a random point in [0, Size] to split our input.
29 auto inputs = std::move(maybe_inputs.value());
27 size_t split = Data[0] / 255.0 * Size;
28
29 mmfile_t a, b;
30 mmfile_t a, b;
30
31
31 // `a` input to diff is data[1:split]
32 a.ptr = inputs.left.get();
32 a.ptr = (char *)Data + 1;
33 a.size = inputs.left_size;
33 // which has len split-1
34 b.ptr = inputs.right.get();
34 a.size = split - 1;
35 b.size = inputs.right_size;
35 // `b` starts at the next byte after `a` ends
36 b.ptr = a.ptr + a.size;
37 b.size = Size - split;
38 xpparam_t xpp = {
36 xpparam_t xpp = {
39 XDF_INDENT_HEURISTIC, /* flags */
37 XDF_INDENT_HEURISTIC, /* flags */
40 };
38 };
General Comments 0
You need to be logged in to leave comments. Login now