]>
git.proxmox.com Git - ceph.git/blob - ceph/src/zstd/tests/fuzz/raw_dictionary_round_trip.c
2 * Copyright (c) 2016-2020, Facebook, Inc.
5 * This source code is licensed under both the BSD-style license (found in the
6 * LICENSE file in the root directory of this source tree) and the GPLv2 (found
7 * in the COPYING file in the root directory of this source tree).
8 * You may select, at your option, one of the above-listed licenses.
12 * This fuzz target performs a zstd round-trip test (compress & decompress) with
13 * a raw content dictionary, compares the result with the original, and calls
14 * abort() on corruption.
21 #include "fuzz_helpers.h"
22 #include "zstd_helpers.h"
23 #include "fuzz_data_producer.h"
25 static ZSTD_CCtx
*cctx
= NULL
;
26 static ZSTD_DCtx
*dctx
= NULL
;
28 static size_t roundTripTest(void *result
, size_t resultCapacity
,
29 void *compressed
, size_t compressedCapacity
,
30 const void *src
, size_t srcSize
,
31 const void *dict
, size_t dictSize
,
32 FUZZ_dataProducer_t
*producer
)
34 ZSTD_dictContentType_e
const dictContentType
= ZSTD_dct_rawContent
;
35 int const refPrefix
= FUZZ_dataProducer_uint32Range(producer
, 0, 1) != 0;
38 FUZZ_setRandomParameters(cctx
, srcSize
, producer
);
39 /* Disable checksum so we can use sizes smaller than compress bound. */
40 FUZZ_ZASSERT(ZSTD_CCtx_setParameter(cctx
, ZSTD_c_checksumFlag
, 0));
42 FUZZ_ZASSERT(ZSTD_CCtx_refPrefix_advanced(
44 ZSTD_dct_rawContent
));
46 FUZZ_ZASSERT(ZSTD_CCtx_loadDictionary_advanced(
48 (ZSTD_dictLoadMethod_e
)FUZZ_dataProducer_uint32Range(producer
, 0, 1),
49 ZSTD_dct_rawContent
));
50 cSize
= ZSTD_compress2(cctx
, compressed
, compressedCapacity
, src
, srcSize
);
54 FUZZ_ZASSERT(ZSTD_DCtx_refPrefix_advanced(
58 FUZZ_ZASSERT(ZSTD_DCtx_loadDictionary_advanced(
60 (ZSTD_dictLoadMethod_e
)FUZZ_dataProducer_uint32Range(producer
, 0, 1),
63 size_t const ret
= ZSTD_decompressDCtx(
64 dctx
, result
, resultCapacity
, compressed
, cSize
);
69 int LLVMFuzzerTestOneInput(const uint8_t *src
, size_t size
)
71 /* Give a random portion of src data to the producer, to use for
72 parameter generation. The rest will be used for (de)compression */
73 FUZZ_dataProducer_t
*producer
= FUZZ_dataProducer_create(src
, size
);
74 size
= FUZZ_dataProducer_reserveDataPrefix(producer
);
76 uint8_t const* const srcBuf
= src
;
77 size_t const srcSize
= FUZZ_dataProducer_uint32Range(producer
, 0, size
);
78 uint8_t const* const dictBuf
= srcBuf
+ srcSize
;
79 size_t const dictSize
= size
- srcSize
;
80 size_t const decompSize
= srcSize
;
81 void* const decompBuf
= FUZZ_malloc(decompSize
);
82 size_t compSize
= ZSTD_compressBound(srcSize
);
84 /* Half of the time fuzz with a 1 byte smaller output size.
85 * This will still succeed because we force the checksum to be disabled,
86 * giving us 4 bytes of overhead.
88 compSize
-= FUZZ_dataProducer_uint32Range(producer
, 0, 1);
89 compBuf
= FUZZ_malloc(compSize
);
92 cctx
= ZSTD_createCCtx();
96 dctx
= ZSTD_createDCtx();
101 size_t const result
=
102 roundTripTest(decompBuf
, decompSize
, compBuf
, compSize
, srcBuf
, srcSize
, dictBuf
, dictSize
, producer
);
103 FUZZ_ZASSERT(result
);
104 FUZZ_ASSERT_MSG(result
== srcSize
, "Incorrect regenerated size");
105 FUZZ_ASSERT_MSG(!FUZZ_memcmp(src
, decompBuf
, srcSize
), "Corruption!");
109 FUZZ_dataProducer_free(producer
);
110 #ifndef STATEFUL_FUZZING
111 ZSTD_freeCCtx(cctx
); cctx
= NULL
;
112 ZSTD_freeDCtx(dctx
); dctx
= NULL
;