Commit 583b4b6e authored by Shaleen Jain's avatar Shaleen Jain

Add libfuzzer support

parent 136bd325
......@@ -94,6 +94,24 @@ AS_IF([test -n "${with_binary_version}"],[
[Binary specific version])
])
dnl
dnl Sanitizer Coverage for libFuzzer
dnl
AX_CHECK_COMPILE_FLAG(-fsanitize-coverage=trace-pc-guard,
[
AX_APPEND_FLAG([-fsanitize-coverage=trace-pc-guard],
[SANITIZER_COVERAGE_FLAGS])
AX_APPEND_COMPILE_FLAGS([-fsanitize-coverage=trace-cmp],
[SANITIZER_COVERAGE_FLAGS])
],
[
AX_APPEND_COMPILE_FLAGS([-fsanitize-coverage=trace-pc],
[SANITIZER_COVERAGE_FLAGS])
]
)
AC_SUBST(SANITIZER_COVERAGE_FLAGS)
AS_VAR_IF(SANITIZER_COVERAGE_FLAGS,"", [ AC_MSG_ERROR(["Sanitizer coverage not supported by your compiler"]) ],[])
dnl
dnl Check the operating system
dnl
......@@ -4199,6 +4217,7 @@ AC_CONFIG_FILES([
lib/Makefile
bin/Makefile
test/Makefile
test/fuzz/Makefile
modules/hw/mmal/Makefile
share/vlc.appdata.xml.in
])
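Review bot: The `AC_MSG_ERROR` that closes the sanitizer-coverage block runs on every configure, so a compiler that accepts neither `-fsanitize-coverage=trace-pc-guard` nor `-fsanitize-coverage=trace-pc` can no longer configure VLC at all, even when nobody wants the fuzz targets. No opt-in switch is visible in this hunk. I would put the probe behind something like `AC_ARG_ENABLE([fuzzing], ...)` and fail only when fuzzing was requested, e.g. `AS_IF([test "${enable_fuzzing}" = "yes"], [AC_MSG_ERROR([sanitizer coverage not supported by your compiler])])`. The same gating is needed for the unconditional `SUBDIRS = fuzz` added to test/Makefile.am, which an `AM_CONDITIONAL` could guard. The inner double quotes in the current error message are also printed literally.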
......
......@@ -4,6 +4,8 @@
AUTOMAKE_OPTIONS = subdir-objects
SUBDIRS = fuzz
extra_check_verbose = $(extra_check_verbose_$(V))
extra_check_verbose_ = $(extra_check_flags__$(AM_DEFAULT_VERBOSITY))
extra_check_verbose_0 = @echo TEST $@
......
AUTOMAKE_OPTIONS = subdir-objects
AM_CFLAGS = $(SANITIZER_COVERAGE_FLAGS)
AM_CXXFLAGS = $(SANITIZER_COVERAGE_FLAGS)
LIBVLCCORE = ../../src/libvlccore.la
LIBVLC = ../../lib/libvlc.la
LDADD = $(LIBVLCCORE) $(LIBVLC) -L./ -lFuzzer $(LIBPTHREAD)
noinst_HEADERS = \
fuzzer.h
check_PROGRAMS = \
fuzz_me
fuzz_me_SOURCES = \
fuzz_me.cpp \
fuzzer_common.c
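Review bot: `LDADD` links `-L./ -lFuzzer`, but nothing visible in this commit builds or probes for a libFuzzer archive, so `make check` will fail at link time unless one has been placed in test/fuzz by hand. A configure-time check (for instance `AC_CHECK_LIB`, or a `--with-libfuzzer=DIR` path substituted here) would turn that into a clear message. `AM_CFLAGS`/`AM_CXXFLAGS` also carry only the coverage flags, and only for the harness sources. As far as this file shows, `libvlccore.la` and `libvlc.la` are linked as built elsewhere, so the code under test gets coverage feedback and a memory-error detector such as `-fsanitize=address` only if the whole tree was configured with them. A comment stating that expectation would help whoever runs the targets.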
#include <stdint.h>
#include <stddef.h>
extern "C" {
#include "fuzzer.h"
}
int FuzzerInitialize(int *argc, char ***argv) {
return 0;
}
bool FuzzMe(const uint8_t *Data,
size_t DataSize) {
return DataSize >= 3 &&
Data[0] == 'F' &&
Data[1] == 'U' &&
Data[2] == 'Z' &&
Data[3] == 'Z'; // :‑<
}
int FuzzerTestOneInput(const uint8_t *Data, size_t Size) {
FuzzMe(Data, Size);
return 0;
}
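Review bot: `FuzzMe` accepts `DataSize >= 3` and then reads `Data[3]`, one byte past the end of a 3-byte input. The trailing `// :‑<` suggests this is a planted bug for the fuzzer to find, but nothing says so. If it is intentional, state it in a comment such as `/* Deliberate off-by-one (Data[3] with DataSize == 3): sample bug for the fuzzer; only reported when built with AddressSanitizer. */`, because the Makefile in this commit passes coverage flags only and the read would otherwise go unnoticed. If it is not intentional, the guard should be `DataSize >= 4`. The target never calls into libvlc, so a one-line file comment marking it as a smoke test of the harness would keep it from being counted as real coverage.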
/*****************************************************************************
* fuzzer.h: fuzzer common
*****************************************************************************
* Copyright (C) 2017 Shaleen Jain <shaleen.jain95@gmail.com>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
*****************************************************************************/
#ifndef FUZZER_H
#define FUZZER_H
int FuzzerTestOneInput(const uint8_t *buf, size_t len);
int FuzzerInitialize(int *argc, char ***argv);
void FuzzerCleanup(void);
#endif /* FUZZER_H */
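Review bot: fuzzer.h uses `uint8_t` and `size_t` without including anything, so it compiles only when the includer has already pulled in the right headers (fuzz_me.cpp does; fuzzer_common.c relies on whatever `<vlc/libvlc.h>` and `<string.h>` bring in). Adding `#include <stddef.h>` and `#include <stdint.h>` right after the include guard makes it self-contained. An `#ifdef __cplusplus` / `extern "C"` wrapper inside the header would likewise remove the need for every C++ target to wrap the include itself. `FuzzerCleanup` is declared here but neither defined nor called anywhere in the visible commit; either wire it up or drop the prototype until it is needed.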
/*****************************************************************************
* fuzzer_common.c: fuzzer common
*****************************************************************************
* Copyright (C) 2017 Shaleen Jain <shaleen.jain95@gmail.com>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
*****************************************************************************/
#include <vlc/libvlc.h>
#include <getopt.h>
#include <string.h>
#include "fuzzer.h"
static struct option long_options[] = {
{0, 0, 0, 0}
};
int LLVMFuzzerInitialize(int *argc, char ***argv) {
int c;
do {
c = getopt_long(*argc, *argv, "", long_options, NULL);
} while ( c != -1 );
return FuzzerInitialize(NULL, 0);
}
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return FuzzerTestOneInput(buf, len);
}
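Review bot: `LLVMFuzzerInitialize` calls `FuzzerInitialize(NULL, 0)` instead of forwarding its own arguments, so any target that dereferences `argc` or `argv` will hit a null pointer at startup. `return FuzzerInitialize(argc, argv);` is what the prototype in fuzzer.h implies. The `getopt_long` loop before it discards every result and has an empty option table, so for now it can only reorder `argv` and print diagnostics for options it does not recognise, which likely includes the fuzzer engine's own flags. Either set `opterr = 0` and comment it as a placeholder, or remove the loop until there is an option to parse. `<string.h>` is included but unused in the visible code.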