File: get_error_info_fuzzer.cpp

package info (click to toggle)
llvm-toolchain-15 1%3A15.0.6-4
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 1,554,644 kB
  • sloc: cpp: 5,922,452; ansic: 1,012,136; asm: 674,362; python: 191,568; objc: 73,855; f90: 42,327; lisp: 31,913; pascal: 11,973; javascript: 10,144; sh: 9,421; perl: 7,447; ml: 5,527; awk: 3,523; makefile: 2,520; xml: 885; cs: 573; fortran: 567
file content (60 lines) | stat: -rw-r--r-- 2,190 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
//===-- get_error_info_fuzzer.cpp -----------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#define SCUDO_FUZZ
#include "allocator_config.h"
#include "combined.h"

#include <fuzzer/FuzzedDataProvider.h>

#include <string>
#include <vector>

extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) {
  using AllocatorT = scudo::Allocator<scudo::AndroidConfig>;
  FuzzedDataProvider FDP(Data, Size);

  uintptr_t FaultAddr = FDP.ConsumeIntegral<uintptr_t>();
  uintptr_t MemoryAddr = FDP.ConsumeIntegral<uintptr_t>();

  std::string MemoryAndTags =
      FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
  const char *Memory = MemoryAndTags.c_str();
  // Assume 16-byte alignment.
  size_t MemorySize = (MemoryAndTags.length() / 17) * 16;
  const char *MemoryTags = Memory + MemorySize;

  std::string StackDepotBytes =
      FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
  std::vector<char> StackDepot(sizeof(scudo::StackDepot), 0);
  for (size_t i = 0; i < StackDepotBytes.length() && i < StackDepot.size();
       ++i) {
    StackDepot[i] = StackDepotBytes[i];
  }

  std::string RegionInfoBytes =
      FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
  std::vector<char> RegionInfo(AllocatorT::getRegionInfoArraySize(), 0);
  for (size_t i = 0; i < RegionInfoBytes.length() && i < RegionInfo.size();
       ++i) {
    RegionInfo[i] = RegionInfoBytes[i];
  }

  std::string RingBufferBytes = FDP.ConsumeRemainingBytesAsString();
  std::vector<char> RingBuffer(AllocatorT::getRingBufferSize(), 0);
  for (size_t i = 0; i < RingBufferBytes.length() && i < RingBuffer.size();
       ++i) {
    RingBuffer[i] = RingBufferBytes[i];
  }

  scudo_error_info ErrorInfo;
  AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepot.data(),
                           RegionInfo.data(), RingBuffer.data(), Memory,
                           MemoryTags, MemoryAddr, MemorySize);
  return 0;
}