File: strcpy_fuzz.cpp

package info (click to toggle)
llvm-toolchain-20 1%3A20.1.8-1~exp1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 2,111,388 kB
  • sloc: cpp: 7,438,767; ansic: 1,393,871; asm: 1,012,926; python: 241,728; f90: 86,635; objc: 75,411; lisp: 42,144; pascal: 17,286; sh: 10,027; ml: 5,082; perl: 4,730; awk: 3,523; makefile: 3,349; javascript: 2,251; xml: 892; fortran: 672
file content (38 lines) | stat: -rw-r--r-- 1,114 bytes parent folder | download | duplicates (9) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
//===-- strcpy_fuzz.cpp ---------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
///
/// Fuzzing test for llvm-libc strcpy implementation.
///
//===----------------------------------------------------------------------===//
#include "src/string/strcpy.h"
#include <stdint.h>

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  // Validate input
  if (!size) return 0;
  if (data[size - 1] != '\0') return 0;
  const char *src = (const char *)data;

  char *dest = new char[size];
  if (!dest) __builtin_trap();

  LIBC_NAMESPACE::strcpy(dest, src);

  size_t i;
  for (i = 0; src[i] != '\0'; i++) {
    // Ensure correctness of strcpy
    if (dest[i] != src[i]) __builtin_trap();
  }
  // Ensure strcpy null terminates dest
  if (dest[i] != src[i]) __builtin_trap();

  delete[] dest;

  return 0;
}