ceph/src/zstd/tests/fuzz/simple_compress.c

   1 /*
   2  * Copyright (c) 2016-2020, Facebook, Inc.
   3  * All rights reserved.
   4  *
   5  * This source code is licensed under both the BSD-style license (found in the
   6  * LICENSE file in the root directory of this source tree) and the GPLv2 (found
   7  * in the COPYING file in the root directory of this source tree).
   8  * You may select, at your option, one of the above-listed licenses.
   9  */
  10
  11 /**
  12  * This fuzz target attempts to comprss the fuzzed data with the simple
  13  * compression function with an output buffer that may be too small to
  14  * ensure that the compressor never crashes.
  15  */
  16
  17 #include <stddef.h>
  18 #include <stdlib.h>
  19 #include <stdio.h>
  20 #include "fuzz_helpers.h"
  21 #include "zstd.h"
  22 #include "zstd_helpers.h"
  23 #include "fuzz_data_producer.h"
  24
  25 static ZSTD_CCtx *cctx = NULL;
  26
  27 int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
  28 {
  29     /* Give a random portion of src data to the producer, to use for
  30     parameter generation. The rest will be used for (de)compression */
  31     FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
  32     size = FUZZ_dataProducer_reserveDataPrefix(producer);
  33
  34     size_t const maxSize = ZSTD_compressBound(size);
  35     size_t const bufSize = FUZZ_dataProducer_uint32Range(producer, 0, maxSize);
  36
  37     int const cLevel = FUZZ_dataProducer_int32Range(producer, kMinClevel, kMaxClevel);
  38
  39     if (!cctx) {
  40         cctx = ZSTD_createCCtx();
  41         FUZZ_ASSERT(cctx);
  42     }
  43
  44     void *rBuf = FUZZ_malloc(bufSize);
  45     ZSTD_compressCCtx(cctx, rBuf, bufSize, src, size, cLevel);
  46     free(rBuf);
  47     FUZZ_dataProducer_free(producer);
  48 #ifndef STATEFUL_FUZZING
  49     ZSTD_freeCCtx(cctx); cctx = NULL;
  50 #endif
  51     return 0;
  52 }