]>
git.proxmox.com Git - ceph.git/blob - ceph/src/zstd/tests/fuzz/stream_round_trip.c
2 * Copyright (c) 2016-present, Facebook, Inc.
5 * This source code is licensed under both the BSD-style license (found in the
6 * LICENSE file in the root directory of this source tree) and the GPLv2 (found
7 * in the COPYING file in the root directory of this source tree).
11 * This fuzz target performs a zstd round-trip test (compress & decompress),
12 * compares the result with the original, and calls abort() on corruption.
15 #define ZSTD_STATIC_LINKING_ONLY
21 #include "fuzz_helpers.h"
22 #include "zstd_helpers.h"
24 ZSTD_CCtx
*cctx
= NULL
;
25 static ZSTD_DCtx
*dctx
= NULL
;
26 static uint8_t* cBuf
= NULL
;
27 static uint8_t* rBuf
= NULL
;
28 static size_t bufSize
= 0;
31 static ZSTD_outBuffer
makeOutBuffer(uint8_t *dst
, size_t capacity
)
33 ZSTD_outBuffer buffer
= { dst
, 0, 0 };
35 FUZZ_ASSERT(capacity
> 0);
36 buffer
.size
= (FUZZ_rand(&seed
) % capacity
) + 1;
37 FUZZ_ASSERT(buffer
.size
<= capacity
);
42 static ZSTD_inBuffer
makeInBuffer(const uint8_t **src
, size_t *size
)
44 ZSTD_inBuffer buffer
= { *src
, 0, 0 };
46 FUZZ_ASSERT(*size
> 0);
47 buffer
.size
= (FUZZ_rand(&seed
) % *size
) + 1;
48 FUZZ_ASSERT(buffer
.size
<= *size
);
55 static size_t compress(uint8_t *dst
, size_t capacity
,
56 const uint8_t *src
, size_t srcSize
)
59 ZSTD_CCtx_reset(cctx
);
60 FUZZ_setRandomParameters(cctx
, srcSize
, &seed
);
63 ZSTD_inBuffer in
= makeInBuffer(&src
, &srcSize
);
64 /* Mode controls the action. If mode == -1 we pick a new mode */
66 while (in
.pos
< in
.size
) {
67 ZSTD_outBuffer out
= makeOutBuffer(dst
, capacity
);
68 /* Previous action finished, pick a new mode. */
69 if (mode
== -1) mode
= FUZZ_rand(&seed
) % 10;
71 case 0: /* fall-though */
72 case 1: /* fall-though */
75 ZSTD_compress_generic(cctx
, &out
, &in
, ZSTD_e_flush
);
83 ZSTD_compress_generic(cctx
, &out
, &in
, ZSTD_e_end
);
85 /* Reset the compressor when the frame is finished */
87 ZSTD_CCtx_reset(cctx
);
88 if ((FUZZ_rand(&seed
) & 7) == 0) {
89 size_t const remaining
= in
.size
- in
.pos
;
90 FUZZ_setRandomParameters(cctx
, remaining
, &seed
);
98 ZSTD_compress_generic(cctx
, &out
, &in
, ZSTD_e_continue
);
109 ZSTD_inBuffer in
= {NULL
, 0, 0};
110 ZSTD_outBuffer out
= makeOutBuffer(dst
, capacity
);
111 size_t const ret
= ZSTD_compress_generic(cctx
, &out
, &in
, ZSTD_e_end
);
123 int LLVMFuzzerTestOneInput(const uint8_t *src
, size_t size
)
125 size_t neededBufSize
;
127 seed
= FUZZ_seed(&src
, &size
);
128 neededBufSize
= ZSTD_compressBound(size
) * 2;
130 /* Allocate all buffers and contexts if not already allocated */
131 if (neededBufSize
> bufSize
) {
134 cBuf
= (uint8_t*)malloc(neededBufSize
);
135 rBuf
= (uint8_t*)malloc(neededBufSize
);
136 bufSize
= neededBufSize
;
137 FUZZ_ASSERT(cBuf
&& rBuf
);
140 cctx
= ZSTD_createCCtx();
144 dctx
= ZSTD_createDCtx();
149 size_t const cSize
= compress(cBuf
, neededBufSize
, src
, size
);
151 ZSTD_decompressDCtx(dctx
, rBuf
, neededBufSize
, cBuf
, cSize
);
153 FUZZ_ASSERT_MSG(rSize
== size
, "Incorrect regenerated size");
154 FUZZ_ASSERT_MSG(!memcmp(src
, rBuf
, size
), "Corruption!");
157 #ifndef STATEFUL_FUZZING
158 ZSTD_freeCCtx(cctx
); cctx
= NULL
;
159 ZSTD_freeDCtx(dctx
); dctx
= NULL
;