blob: 530cc80b7fae0552fdc087c637516db0b6250dd7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
/*
* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#ifndef FUZZER_DRIVER_H_
#define FUZZER_DRIVER_H_
#include <stdint.h>
#include <iostream>
#include <vector>
#include <stdlib.h> // for setenv
#include <botan/exceptn.h>
using namespace Botan;
void fuzz(const uint8_t in[], size_t len);
void fuzzer_init()
{
/*
* This disables the mlock pool, as overwrites within the pool are
* opaque to ASan or other instrumentation.
*/
::setenv("BOTAN_MLOCK_POOL_SIZE", "0", 1);
}
#if defined(USE_LLVM_FUZZER)
// Called by main() in libFuzzer
extern "C" int LLVMFuzzerTestOneInput(const uint8_t in[], size_t len)
{
fuzz(in, len);
return 0;
}
int LLVMFuzzerInitialize(int *argc, char ***argv) {
fuzzer_init();
return 0;
}
#else
// Read stdin for AFL
int main(int argc, char* argv[])
{
const size_t max_read = 4096;
fuzzer_init();
#if defined(__AFL_LOOP)
while(__AFL_LOOP(1000))
#endif
{
std::vector<uint8_t> buf(max_read);
std::cin.read((char*)buf.data(), buf.size());
size_t got = std::cin.gcount();
buf.resize(got);
buf.shrink_to_fit();
fuzz(buf.data(), got);
}
}
#endif
#endif
// Some helpers for the fuzzer jigs
#define FUZZER_ASSERT_EQUAL(x, y) do { \
if(x != y) { \
std::cerr << #x << " = " << x << " !=\n" << #y << " = " << y \
<< " at " << __LINE__ << ":" << __FILE__ << std::endl; \
abort(); \
} } while(0)
#define FUZZER_ASSERT_TRUE(e) \
do { \
if(!(e)) { \
std::cerr << "Expression " << #e << " was false at " \
<< __LINE__ << ":" << __FILE__ << std::endl; \
abort(); \
} } while(0)
|
