upstream/mercurial-mirror Files · contrib/fuzz/standalone_fuzz_target_runner.cc

packaging: split Inno installer building from Mercurial building...

packaging: split Inno installer building from Mercurial building We want to make the logic for producing the installer agnostic about how Mercurial is built to allow for alternate build methods (like PyOxidizer). Differential Revision: https://phab.mercurial-scm.org/D8472

Augie Fackler - - Load All Authors

File last commit:

r44253:01ec70a8 default


                r45255:5760936e

default

Download file

             standalone_fuzz_target_runner.cc
        
                    45 lines
            
             | 1.5 KiB
            
                | text/x-c
            
             |
                CppLexer
            
             / contrib / fuzz / standalone_fuzz_target_runner.cc
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      // Copyright 2017 Google Inc. All Rights Reserved.

      // Licensed under the Apache License, Version 2.0 (the "License");

      // Example of a standalone runner for "fuzz targets".

      // It reads all files passed as parameters and feeds their contents

      // one by one into the fuzz target (LLVMFuzzerTestOneInput).

      // This runner does not do any fuzzing, but allows us to run the fuzz target

      // on the test corpus (e.g. "do_stuff_test_data") or on a single file,

      // e.g. the one that comes from a bug report.

      #include <cassert>

      #include <fstream>

      #include <iostream>

      #include <vector>

      // Forward declare the "fuzz target" interface.

      // We deliberately keep this inteface simple and header-free.

      extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

      extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv);

      int main(int argc, char **argv)

      {

      	LLVMFuzzerInitialize(&argc, &argv);

      	for (int i = 1; i < argc; i++) {

      		std::ifstream in(argv[i]);

      		in.seekg(0, in.end);

      		size_t length = in.tellg();

      		in.seekg(0, in.beg);

      		std::cout << "Reading " << length << " bytes from " << argv[i]

      		          << std::endl;

      		// Allocate exactly length bytes so that we reliably catch

      		// buffer overflows.

      		std::vector<char> bytes(length);

      		in.read(bytes.data(), bytes.size());

      		assert(in);

      		LLVMFuzzerTestOneInput(

      		    reinterpret_cast<const uint8_t *>(bytes.data()),

      		    bytes.size());

      		std::cout << "Execution successful" << std::endl;

      	}

      	return 0;

      }

      // no-check-code since this is from a third party

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				// Copyright 2017 Google Inc. All Rights Reserved.
				// Licensed under the Apache License, Version 2.0 (the "License");

				// Example of a standalone runner for "fuzz targets".
				// It reads all files passed as parameters and feeds their contents
				// one by one into the fuzz target (LLVMFuzzerTestOneInput).
				// This runner does not do any fuzzing, but allows us to run the fuzz target
				// on the test corpus (e.g. "do_stuff_test_data") or on a single file,
				// e.g. the one that comes from a bug report.

				#include <cassert>
				#include <fstream>
				#include <iostream>
				#include <vector>

				// Forward declare the "fuzz target" interface.
				// We deliberately keep this inteface simple and header-free.
				extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

				extern "C" int LLVMFuzzerInitialize(int argc, char **argv);

				int main(int argc, char **argv)
				{
				LLVMFuzzerInitialize(&argc, &argv);

				for (int i = 1; i < argc; i++) {
				std::ifstream in(argv[i]);
				in.seekg(0, in.end);
				size_t length = in.tellg();
				in.seekg(0, in.beg);
				std::cout << "Reading " << length << " bytes from " << argv[i]
				<< std::endl;
				// Allocate exactly length bytes so that we reliably catch
				// buffer overflows.
				std::vector<char> bytes(length);
				in.read(bytes.data(), bytes.size());
				assert(in);
				LLVMFuzzerTestOneInput(
				reinterpret_cast<const uint8_t *>(bytes.data()),
				bytes.size());
				std::cout << "Execution successful" << std::endl;
				}
				return 0;
				}
				// no-check-code since this is from a third party