1*5c90c05cSAndroid Build Coastguard Worker // Copyright (c) 2019, Paul Dreik
2*5c90c05cSAndroid Build Coastguard Worker // For the license information refer to format.h.
3*5c90c05cSAndroid Build Coastguard Worker
4*5c90c05cSAndroid Build Coastguard Worker #ifndef FUZZER_COMMON_H
5*5c90c05cSAndroid Build Coastguard Worker #define FUZZER_COMMON_H
6*5c90c05cSAndroid Build Coastguard Worker
7*5c90c05cSAndroid Build Coastguard Worker #include <fmt/base.h>
8*5c90c05cSAndroid Build Coastguard Worker
9*5c90c05cSAndroid Build Coastguard Worker #include <cstdint> // std::uint8_t
10*5c90c05cSAndroid Build Coastguard Worker #include <cstring> // memcpy
11*5c90c05cSAndroid Build Coastguard Worker #include <vector>
12*5c90c05cSAndroid Build Coastguard Worker
13*5c90c05cSAndroid Build Coastguard Worker // One can format to either a string, or a buffer. The latter is faster, but
14*5c90c05cSAndroid Build Coastguard Worker // one may be interested in formatting to a string instead to verify it works
15*5c90c05cSAndroid Build Coastguard Worker // as intended. To avoid a combinatoric explosion, select this at compile time
16*5c90c05cSAndroid Build Coastguard Worker // instead of dynamically from the fuzz data.
17*5c90c05cSAndroid Build Coastguard Worker #define FMT_FUZZ_FORMAT_TO_STRING 0
18*5c90c05cSAndroid Build Coastguard Worker
19*5c90c05cSAndroid Build Coastguard Worker // If {fmt} is given a buffer that is separately allocated, chances that address
20*5c90c05cSAndroid Build Coastguard Worker // sanitizer detects out of bound reads is much higher. However, it slows down
21*5c90c05cSAndroid Build Coastguard Worker // the fuzzing.
22*5c90c05cSAndroid Build Coastguard Worker #define FMT_FUZZ_SEPARATE_ALLOCATION 1
23*5c90c05cSAndroid Build Coastguard Worker
24*5c90c05cSAndroid Build Coastguard Worker // The size of the largest possible type in use.
25*5c90c05cSAndroid Build Coastguard Worker // To let the the fuzzer mutation be efficient at cross pollinating between
26*5c90c05cSAndroid Build Coastguard Worker // different types, use a fixed size format. The same bit pattern, interpreted
27*5c90c05cSAndroid Build Coastguard Worker // as another type, is likely interesting.
28*5c90c05cSAndroid Build Coastguard Worker constexpr auto fixed_size = 16;
29*5c90c05cSAndroid Build Coastguard Worker
30*5c90c05cSAndroid Build Coastguard Worker // Casts data to a char pointer.
as_chars(const T * data)31*5c90c05cSAndroid Build Coastguard Worker template <typename T> inline const char* as_chars(const T* data) {
32*5c90c05cSAndroid Build Coastguard Worker return reinterpret_cast<const char*>(data);
33*5c90c05cSAndroid Build Coastguard Worker }
34*5c90c05cSAndroid Build Coastguard Worker
35*5c90c05cSAndroid Build Coastguard Worker // Casts data to a byte pointer.
as_bytes(const T * data)36*5c90c05cSAndroid Build Coastguard Worker template <typename T> inline const std::uint8_t* as_bytes(const T* data) {
37*5c90c05cSAndroid Build Coastguard Worker return reinterpret_cast<const std::uint8_t*>(data);
38*5c90c05cSAndroid Build Coastguard Worker }
39*5c90c05cSAndroid Build Coastguard Worker
40*5c90c05cSAndroid Build Coastguard Worker // Blits bytes from data to form an (assumed trivially constructible) object
41*5c90c05cSAndroid Build Coastguard Worker // of type Item.
assign_from_buf(const std::uint8_t * data)42*5c90c05cSAndroid Build Coastguard Worker template <class Item> inline Item assign_from_buf(const std::uint8_t* data) {
43*5c90c05cSAndroid Build Coastguard Worker auto item = Item();
44*5c90c05cSAndroid Build Coastguard Worker std::memcpy(&item, data, sizeof(Item));
45*5c90c05cSAndroid Build Coastguard Worker return item;
46*5c90c05cSAndroid Build Coastguard Worker }
47*5c90c05cSAndroid Build Coastguard Worker
48*5c90c05cSAndroid Build Coastguard Worker // Reads a boolean value by looking at the first byte from data.
49*5c90c05cSAndroid Build Coastguard Worker template <> inline bool assign_from_buf<bool>(const std::uint8_t* data) {
50*5c90c05cSAndroid Build Coastguard Worker return *data != 0;
51*5c90c05cSAndroid Build Coastguard Worker }
52*5c90c05cSAndroid Build Coastguard Worker
53*5c90c05cSAndroid Build Coastguard Worker struct data_to_string {
54*5c90c05cSAndroid Build Coastguard Worker #if FMT_FUZZ_SEPARATE_ALLOCATION
55*5c90c05cSAndroid Build Coastguard Worker std::vector<char> buffer;
56*5c90c05cSAndroid Build Coastguard Worker
57*5c90c05cSAndroid Build Coastguard Worker data_to_string(const uint8_t* data, size_t size, bool add_terminator = false)
58*5c90c05cSAndroid Build Coastguard Worker : buffer(size + (add_terminator ? 1 : 0)) {
59*5c90c05cSAndroid Build Coastguard Worker if (size) {
60*5c90c05cSAndroid Build Coastguard Worker std::memcpy(buffer.data(), data, size);
61*5c90c05cSAndroid Build Coastguard Worker }
62*5c90c05cSAndroid Build Coastguard Worker }
63*5c90c05cSAndroid Build Coastguard Worker
getdata_to_string64*5c90c05cSAndroid Build Coastguard Worker fmt::string_view get() const { return {buffer.data(), buffer.size()}; }
65*5c90c05cSAndroid Build Coastguard Worker #else
66*5c90c05cSAndroid Build Coastguard Worker fmt::string_view sv;
67*5c90c05cSAndroid Build Coastguard Worker
68*5c90c05cSAndroid Build Coastguard Worker data_to_string(const uint8_t* data, size_t size, bool = false)
69*5c90c05cSAndroid Build Coastguard Worker : str(as_chars(data), size) {}
70*5c90c05cSAndroid Build Coastguard Worker
71*5c90c05cSAndroid Build Coastguard Worker fmt::string_view get() const { return sv; }
72*5c90c05cSAndroid Build Coastguard Worker #endif
73*5c90c05cSAndroid Build Coastguard Worker
datadata_to_string74*5c90c05cSAndroid Build Coastguard Worker const char* data() const { return get().data(); }
75*5c90c05cSAndroid Build Coastguard Worker };
76*5c90c05cSAndroid Build Coastguard Worker
77*5c90c05cSAndroid Build Coastguard Worker #endif // FUZZER_COMMON_H
78