upstream/mercurial-mirror Files · contrib/fuzz/standalone_fuzz_target_runner.cc

rust-cpython: add panicking version of borrow_mut() and use it...

rust-cpython: add panicking version of borrow_mut() and use it The original borrow_mut() is renamed to try_borrow_mut(). Since leak_immutable() no longer incref the borrow count, the caller should know if the underlying value is borrowed or not. No Python world is involved. That's why we can simply use the panicking borrow_mut().

Augie Fackler - - Load All Authors

File last commit:

r44253:01ec70a8 default


                r44685:2a24ead0

default

Download file

             standalone_fuzz_target_runner.cc
        
                    45 lines
            
             | 1.5 KiB
            
                | text/x-c
            
             |
                CppLexer
            
             / contrib / fuzz / standalone_fuzz_target_runner.cc
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      // Copyright 2017 Google Inc. All Rights Reserved.

      // Licensed under the Apache License, Version 2.0 (the "License");

      // Example of a standalone runner for "fuzz targets".

      // It reads all files passed as parameters and feeds their contents

      // one by one into the fuzz target (LLVMFuzzerTestOneInput).

      // This runner does not do any fuzzing, but allows us to run the fuzz target

      // on the test corpus (e.g. "do_stuff_test_data") or on a single file,

      // e.g. the one that comes from a bug report.

      #include <cassert>

      #include <fstream>

      #include <iostream>

      #include <vector>

      // Forward declare the "fuzz target" interface.

      // We deliberately keep this inteface simple and header-free.

      extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

      extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv);

      int main(int argc, char **argv)

      {

      	LLVMFuzzerInitialize(&argc, &argv);

      	for (int i = 1; i < argc; i++) {

      		std::ifstream in(argv[i]);

      		in.seekg(0, in.end);

      		size_t length = in.tellg();

      		in.seekg(0, in.beg);

      		std::cout << "Reading " << length << " bytes from " << argv[i]

      		          << std::endl;

      		// Allocate exactly length bytes so that we reliably catch

      		// buffer overflows.

      		std::vector<char> bytes(length);

      		in.read(bytes.data(), bytes.size());

      		assert(in);

      		LLVMFuzzerTestOneInput(

      		    reinterpret_cast<const uint8_t *>(bytes.data()),

      		    bytes.size());

      		std::cout << "Execution successful" << std::endl;

      	}

      	return 0;

      }

      // no-check-code since this is from a third party

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				// Copyright 2017 Google Inc. All Rights Reserved.
				// Licensed under the Apache License, Version 2.0 (the "License");

				// Example of a standalone runner for "fuzz targets".
				// It reads all files passed as parameters and feeds their contents
				// one by one into the fuzz target (LLVMFuzzerTestOneInput).
				// This runner does not do any fuzzing, but allows us to run the fuzz target
				// on the test corpus (e.g. "do_stuff_test_data") or on a single file,
				// e.g. the one that comes from a bug report.

				#include <cassert>
				#include <fstream>
				#include <iostream>
				#include <vector>

				// Forward declare the "fuzz target" interface.
				// We deliberately keep this inteface simple and header-free.
				extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

				extern "C" int LLVMFuzzerInitialize(int argc, char **argv);

				int main(int argc, char **argv)
				{
				LLVMFuzzerInitialize(&argc, &argv);

				for (int i = 1; i < argc; i++) {
				std::ifstream in(argv[i]);
				in.seekg(0, in.end);
				size_t length = in.tellg();
				in.seekg(0, in.beg);
				std::cout << "Reading " << length << " bytes from " << argv[i]
				<< std::endl;
				// Allocate exactly length bytes so that we reliably catch
				// buffer overflows.
				std::vector<char> bytes(length);
				in.read(bytes.data(), bytes.size());
				assert(in);
				LLVMFuzzerTestOneInput(
				reinterpret_cast<const uint8_t *>(bytes.data()),
				bytes.size());
				std::cout << "Execution successful" << std::endl;
				}
				return 0;
				}
				// no-check-code since this is from a third party