| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # These tests depend on both coverage and dfsan instrumentation. | ||
|
|
||
| set(DFSAN_FUZZER_ABI_LIST "${CMAKE_CURRENT_SOURCE_DIR}/../../dfsan_fuzzer_abi.list") | ||
|
|
||
| set(CMAKE_CXX_FLAGS_RELEASE | ||
| "${LIBFUZZER_FLAGS_BASE} -O0 -fno-sanitize=all -fsanitize=dataflow -mllvm -sanitizer-coverage-experimental-trace-compares=1 -fsanitize-blacklist=${DFSAN_FUZZER_ABI_LIST}") | ||
|
|
||
| foreach(Test ${DFSanTests}) | ||
| set_source_files_properties(${Test}.cpp PROPERTIES OBJECT_DEPENDS ${DFSAN_FUZZER_ABI_LIST}) | ||
| add_executable(LLVMFuzzer-${Test} | ||
| ${Test}.cpp | ||
| ) | ||
| target_link_libraries(LLVMFuzzer-${Test} | ||
| LLVMFuzzer | ||
| ) | ||
| endforeach() | ||
|
|
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| // Simple test for a fuzzer. The fuzzer must find several narrow ranges. | ||
| #include <cstdint> | ||
| #include <cstdlib> | ||
| #include <cstring> | ||
| #include <cstdio> | ||
|
|
||
| extern "C" void TestOneInput(const uint8_t *Data, size_t Size) { | ||
| if (Size < 14) return; | ||
| uint64_t x = 0; | ||
| int64_t y = 0; | ||
| int z = 0; | ||
| unsigned short a = 0; | ||
| memcpy(&x, Data, 8); | ||
| memcpy(&y, Data + Size - 8, 8); | ||
| memcpy(&z, Data + Size / 2, sizeof(z)); | ||
| memcpy(&a, Data + Size / 2 + 4, sizeof(a)); | ||
|
|
||
| if (x > 1234567890 && | ||
| x < 1234567895 && | ||
| y >= 987654321 && | ||
| y <= 987654325 && | ||
| z < -10000 && | ||
| z >= -10005 && | ||
| z != -10003 && | ||
| a == 4242) { | ||
| fprintf(stderr, "Found the target: size %zd (%zd, %zd, %d, %d), exiting.\n", | ||
| Size, x, y, z, a); | ||
| exit(1); | ||
| } | ||
| } |