facebook/zstd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Combining fuzz_data_producer restrict calls into a single function

Browse Source
This commit is contained in:
Dario Pavlovic 2019-09-11 10:09:29 -07:00
parent 23cc2d8510
commit b5b24c2a0d
10 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tests/fuzz/block_round_trip.c
View File

@ -55,8 +55,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
int cLevel = FUZZ_dataProducer_uint32(producer) % kMaxClevel;

3
tests/fuzz/dictionary_decompress.c
View File

@ -27,8 +27,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
FUZZ_dict_t dict;
ZSTD_DDict* ddict = NULL;

3
tests/fuzz/dictionary_round_trip.c
View File

@ -71,8 +71,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
size_t const rBufSize = size;
void* rBuf = malloc(rBufSize);

7
tests/fuzz/fuzz_data_producer.c
View File

@ -65,3 +65,10 @@ size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize)
producer->size = newSize;
return remaining;
}
size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer)
{
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(
producer, 0, producer->size);
return FUZZ_dataProducer_contract(producer, producerSliceSize);
}

11
tests/fuzz/fuzz_data_producer.h
View File

@ -44,10 +44,13 @@ uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer);
/* Returns the size of the remaining bytes of data in the producer */
size_t FUZZ_dataProducer_remainingBytes(FUZZ_dataProducer_t *producer);
/* Tells the producer to contract to newSize bytes of data it currently uses,
counted from the end, and forget about the rest. If newSize > current data size,
nothing happens. Returns the number of bytes the producer won't use anymore,
after contracting. */
/* Restricts the producer to only the last newSize bytes of data.
If newSize > current data size, nothing happens. Returns the number of bytes
the producer won't use anymore, after contracting. */
size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize);
/* Restricts the producer to use only the last X bytes of data, where X is
a random number in the interval [0, data_size]. Returns the size of the
remaining data the producer won't use anymore (the prefix). */
size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer);
#endif // FUZZ_DATA_PRODUCER_H

3
tests/fuzz/simple_compress.c
View File

@ -27,8 +27,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
size_t const maxSize = ZSTD_compressBound(size);
size_t const bufSize = FUZZ_dataProducer_uint32Range(producer, 0, maxSize);

3
tests/fuzz/simple_decompress.c
View File

@ -26,8 +26,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
if (!dctx) {
dctx = ZSTD_createDCtx();

3
tests/fuzz/simple_round_trip.c
View File

@ -55,8 +55,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
/* Half of the time fuzz with a 1 byte smaller output size.
* This will still succeed because we don't use a dictionary, so the dictID

3
tests/fuzz/stream_decompress.c
View File

@ -56,8 +56,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
/* Allocate all buffers and contexts if not already allocated */
if (!buf) {

3
tests/fuzz/stream_round_trip.c
View File

@ -128,8 +128,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
/* Give a random portion of src data to the producer, to use for
parameter generation. The rest will be used for (de)compression */
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size);
size = FUZZ_dataProducer_contract(producer, producerSliceSize);
size = FUZZ_dataProducer_reserveDataPrefix(producer);
size_t neededBufSize;
neededBufSize = ZSTD_compressBound(size) * 5;