xref: /aosp_15_r20/external/bc/src/dc_fuzzer.c (revision 5a6e848804d15c18a0125914844ee4eb0bda4fcf)
1*5a6e8488SAndroid Build Coastguard Worker /*
2*5a6e8488SAndroid Build Coastguard Worker  * *****************************************************************************
3*5a6e8488SAndroid Build Coastguard Worker  *
4*5a6e8488SAndroid Build Coastguard Worker  * SPDX-License-Identifier: BSD-2-Clause
5*5a6e8488SAndroid Build Coastguard Worker  *
6*5a6e8488SAndroid Build Coastguard Worker  * Copyright (c) 2018-2024 Gavin D. Howard and contributors.
7*5a6e8488SAndroid Build Coastguard Worker  *
8*5a6e8488SAndroid Build Coastguard Worker  * Redistribution and use in source and binary forms, with or without
9*5a6e8488SAndroid Build Coastguard Worker  * modification, are permitted provided that the following conditions are met:
10*5a6e8488SAndroid Build Coastguard Worker  *
11*5a6e8488SAndroid Build Coastguard Worker  * * Redistributions of source code must retain the above copyright notice, this
12*5a6e8488SAndroid Build Coastguard Worker  *   list of conditions and the following disclaimer.
13*5a6e8488SAndroid Build Coastguard Worker  *
14*5a6e8488SAndroid Build Coastguard Worker  * * Redistributions in binary form must reproduce the above copyright notice,
15*5a6e8488SAndroid Build Coastguard Worker  *   this list of conditions and the following disclaimer in the documentation
16*5a6e8488SAndroid Build Coastguard Worker  *   and/or other materials provided with the distribution.
17*5a6e8488SAndroid Build Coastguard Worker  *
18*5a6e8488SAndroid Build Coastguard Worker  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19*5a6e8488SAndroid Build Coastguard Worker  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20*5a6e8488SAndroid Build Coastguard Worker  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21*5a6e8488SAndroid Build Coastguard Worker  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22*5a6e8488SAndroid Build Coastguard Worker  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23*5a6e8488SAndroid Build Coastguard Worker  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24*5a6e8488SAndroid Build Coastguard Worker  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25*5a6e8488SAndroid Build Coastguard Worker  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26*5a6e8488SAndroid Build Coastguard Worker  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27*5a6e8488SAndroid Build Coastguard Worker  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28*5a6e8488SAndroid Build Coastguard Worker  * POSSIBILITY OF SUCH DAMAGE.
29*5a6e8488SAndroid Build Coastguard Worker  *
30*5a6e8488SAndroid Build Coastguard Worker  * *****************************************************************************
31*5a6e8488SAndroid Build Coastguard Worker  *
32*5a6e8488SAndroid Build Coastguard Worker  * The entry point for libFuzzer when fuzzing dc.
33*5a6e8488SAndroid Build Coastguard Worker  *
34*5a6e8488SAndroid Build Coastguard Worker  */
35*5a6e8488SAndroid Build Coastguard Worker 
36*5a6e8488SAndroid Build Coastguard Worker #include <setjmp.h>
37*5a6e8488SAndroid Build Coastguard Worker #include <string.h>
38*5a6e8488SAndroid Build Coastguard Worker 
39*5a6e8488SAndroid Build Coastguard Worker #include <version.h>
40*5a6e8488SAndroid Build Coastguard Worker #include <status.h>
41*5a6e8488SAndroid Build Coastguard Worker #include <ossfuzz.h>
42*5a6e8488SAndroid Build Coastguard Worker #include <vm.h>
43*5a6e8488SAndroid Build Coastguard Worker #include <bc.h>
44*5a6e8488SAndroid Build Coastguard Worker #include <dc.h>
45*5a6e8488SAndroid Build Coastguard Worker 
/// The current fuzz input as a NUL-terminated heap copy. In this file it is
/// allocated and filled in LLVMFuzzerTestOneInput() and freed at that
/// function's exit label. It has external linkage, so presumably other
/// translation units read it while dc runs (TODO confirm the consumer).
uint8_t* bc_fuzzer_data;

/// A boolean about whether we should use -c (false) or -C (true).
/// Set by LLVMFuzzerInitialize() from the basename of argv[0] and read by
/// LLVMFuzzerTestOneInput() to pick the argument list passed to dc_main().
static bool dc_C;
50*5a6e8488SAndroid Build Coastguard Worker 
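/**
 * libFuzzer initialization hook: decides from the program name which dc
 * argument list the harness will use.
 *
 * dc_C is set to true only when the basename of argv[0] is exactly
 * "dc_fuzzer_C". In every other case, including a missing argv or a missing
 * argv[0], it is false.
 *
 * @param argc  Pointer to the argument count; unused.
 * @param argv  Pointer to the argument vector; may be NULL.
 * @return      Always 0.
 */
int
LLVMFuzzerInitialize(int* argc, char*** argv)
{
	const char* path;
	const char* name;

	BC_UNUSED(argc);

	// Default to -c; only an exact basename match below switches to -C.
	dc_C = false;

	// argv[0] itself can be NULL when the process was started with an empty
	// argument vector; strrchr() on NULL would be undefined behavior.
	if (argv == NULL || *argv == NULL || (*argv)[0] == NULL) return 0;

	path = (*argv)[0];

	// Get the basename.
	name = strrchr(path, BC_FILE_SEP);
	name = name == NULL ? path : name + 1;

	// Figure out which to use.
	dc_C = (strcmp(name, "dc_fuzzer_C") == 0);

	return 0;
}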
74*5a6e8488SAndroid Build Coastguard Worker 
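/**
 * libFuzzer per-input entry point: runs dc once with a NUL-terminated copy of
 * the fuzz input published in bc_fuzzer_data.
 *
 * Empty inputs and inputs whose first byte is NUL are skipped.
 *
 * @param Data  The raw fuzz input; not required to be NUL-terminated.
 * @param Size  The number of bytes in @a Data.
 * @return      0 if the input was skipped, or if dc_main() returned
 *              BC_STATUS_SUCCESS or BC_STATUS_QUIT; -1 otherwise, including
 *              when control reached the exit label without dc_main()
 *              returning. libFuzzer treats -1 as "do not add this input to
 *              the corpus".
 */
int
LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size)
{
	// Both locals are written after the jump point is armed and read at the
	// exit label. They are initialized and volatile so that they hold defined
	// values if control arrives there by a jump rather than by falling
	// through; otherwise the return expression would read an indeterminate
	// value (and trip MemorySanitizer inside the harness itself).
	volatile BcStatus s = BC_STATUS_SUCCESS;
	volatile bool finished = false;

	// I've already tested empty input, so just ignore.
	if (Size == 0 || Data[0] == '\0') return 0;

	// Clear the global. This is to ensure a clean start.
	memset(vm, 0, sizeof(BcVm));

	// Make sure to set the name.
	vm->name = "dc";

	// Forget the pointer from the previous input before anything can jump to
	// the exit label. If the allocation below jumps out on failure
	// (presumably it does; confirm against bc_vm_malloc), free() would
	// otherwise be handed the already-freed buffer of the previous run.
	bc_fuzzer_data = NULL;

	BC_SIG_LOCK;

	// We *must* do this here. Otherwise, other code could not jump out all of
	// the way.
	bc_vec_init(&vm->jmp_bufs, sizeof(sigjmp_buf), BC_DTOR_NONE);

	BC_SETJMP_LOCKED(vm, exit);

	// Create a string with the data. The extra byte holds the terminator
	// because the fuzz input is not guaranteed to end in NUL.
	bc_fuzzer_data = bc_vm_malloc(Size + 1);
	memcpy(bc_fuzzer_data, Data, Size);
	bc_fuzzer_data[Size] = '\0';

	s = dc_main((int) (bc_fuzzer_args_len - 1),
	            dc_C ? dc_fuzzer_args_C : dc_fuzzer_args_c);
	finished = true;

exit:

	BC_SIG_MAYLOCK;

	// Release the copy and clear the global so no dangling pointer survives
	// into the next input.
	free(bc_fuzzer_data);
	bc_fuzzer_data = NULL;

	// NOTE(review): a run that left through the jump target is reported as
	// -1 because no status was returned. If a normal quit can also arrive
	// that way, confirm whether it should map to 0 instead.
	return finished && (s == BC_STATUS_SUCCESS || s == BC_STATUS_QUIT) ? 0 : -1;
}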