File: strcpy_fuzz.cpp

package info (click to toggle)
llvm-toolchain-21 1%3A21.1.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 2,235,796 kB
  • sloc: cpp: 7,617,614; ansic: 1,433,901; asm: 1,058,726; python: 252,096; f90: 94,671; objc: 70,753; lisp: 42,813; pascal: 18,401; sh: 10,032; ml: 5,111; perl: 4,720; awk: 3,523; makefile: 3,401; javascript: 2,272; xml: 892; fortran: 770
file content (38 lines) | stat: -rw-r--r-- 1,114 bytes parent folder | download | duplicates (10) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
//===-- strcpy_fuzz.cpp ---------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
///
/// Fuzzing test for llvm-libc strcpy implementation.
///
//===----------------------------------------------------------------------===//
#include "src/string/strcpy.h"
#include <stdint.h>

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  // Validate input
  if (!size) return 0;
  if (data[size - 1] != '\0') return 0;
  const char *src = (const char *)data;

  char *dest = new char[size];
  if (!dest) __builtin_trap();

  LIBC_NAMESPACE::strcpy(dest, src);

  size_t i;
  for (i = 0; src[i] != '\0'; i++) {
    // Ensure correctness of strcpy
    if (dest[i] != src[i]) __builtin_trap();
  }
  // Ensure strcpy null terminates dest
  if (dest[i] != src[i]) __builtin_trap();

  delete[] dest;

  return 0;
}