projects / ceph.git / blame
| Commit | Line | Data |
|---|---|---|
| 11fdf7f2 | 1 | /** |
| f67539c2 | 2 | * Copyright (c) 2016-2020, Yann Collet, Facebook, Inc. |
| 11fdf7f2 TL |
3 | * All rights reserved. |
| 4 | * | |
| 5 | * This source code is licensed under both the BSD-style license (found in the | |
| 6 | * LICENSE file in the root directory of this source tree) and the GPLv2 (found | |
| 7 | * in the COPYING file in the root directory of this source tree). | |
| f67539c2 | 8 | * You may select, at your option, one of the above-listed licenses. |
| 11fdf7f2 TL |
9 | */ |
| 10 | ||
| 11 | /** | |
| 12 | * This fuzz target attempts to decompress the fuzzed data with the simple | |
| 13 | * decompression function to ensure the decompressor never crashes. | |
| 14 | */ | |
| 15 | ||
| 16 | #define ZSTD_STATIC_LINKING_ONLY | |
| 17 | ||
| 18 | #include <stddef.h> | |
| 19 | #include <stdlib.h> | |
| 20 | #include <stdio.h> | |
| 21 | #include "fuzz_helpers.h" | |
| 22 | #include "zstd.h" | |
| 23 | ||
| 24 | static ZSTD_DCtx *dctx = NULL; | |
| 25 | static void* rBuf = NULL; | |
| 26 | static size_t bufSize = 0; | |
| 27 | ||
| 28 | int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) | |
| 29 | { | |
| 30 | size_t const neededBufSize = ZSTD_BLOCKSIZE_MAX; | |
| 31 | ||
| 11fdf7f2 TL |
32 | /* Allocate all buffers and contexts if not already allocated */ |
| 33 | if (neededBufSize > bufSize) { | |
| 34 | free(rBuf); | |
| f67539c2 | 35 | rBuf = FUZZ_malloc(neededBufSize); |
| 11fdf7f2 | 36 | bufSize = neededBufSize; |
| 11fdf7f2 TL |
37 | } |
| 38 | if (!dctx) { | |
| 39 | dctx = ZSTD_createDCtx(); | |
| 40 | FUZZ_ASSERT(dctx); | |
| 41 | } | |
| 42 | ZSTD_decompressBegin(dctx); | |
| 43 | ZSTD_decompressBlock(dctx, rBuf, neededBufSize, src, size); | |
| 44 | ||
| 45 | #ifndef STATEFUL_FUZZING | |
| 46 | ZSTD_freeDCtx(dctx); dctx = NULL; | |
| 47 | #endif | |
| 48 | return 0; | |
| 49 | } |