1 #include "libhfuzz/fetch.h"
2
3 #include <errno.h>
4 #include <fcntl.h>
5 #include <inttypes.h>
6 #include <limits.h>
7 #include <stdbool.h>
8 #include <stdint.h>
9 #include <stdlib.h>
10 #include <sys/mman.h>
11 #include <unistd.h>
12
13 #include "honggfuzz.h"
14 #include "libhfcommon/common.h"
15 #include "libhfcommon/files.h"
16 #include "libhfcommon/log.h"
17
18 /*
19 * If this signature is visible inside a binary, it's probably a persistent-style fuzzing program.
20 * This mode of discover is employed by honggfuzz
21 */
22 __attribute__((visibility("default"))) __attribute__((used)) const char* LIBHFUZZ_module_fetch =
23 _HF_PERSISTENT_SIG;
24
25 static const uint8_t* inputFile = NULL;
init(void)26 __attribute__((constructor)) static void init(void) {
27 if (fcntl(_HF_INPUT_FD, F_GETFD) == -1 && errno == EBADF) {
28 return;
29 }
30 if ((inputFile = mmap(NULL, _HF_INPUT_MAX_SIZE, PROT_READ, MAP_SHARED, _HF_INPUT_FD, 0)) ==
31 MAP_FAILED) {
32 PLOG_F("mmap(fd=%d, size=%zu) of the input file failed", _HF_INPUT_FD,
33 (size_t)_HF_INPUT_MAX_SIZE);
34 }
35 }
36
HonggfuzzFetchData(const uint8_t ** buf_ptr,size_t * len_ptr)37 void HonggfuzzFetchData(const uint8_t** buf_ptr, size_t* len_ptr) {
38 if (!files_writeToFd(_HF_PERSISTENT_FD, &HFReadyTag, sizeof(HFReadyTag))) {
39 LOG_F("writeToFd(size=%zu, readyTag) failed", sizeof(HFReadyTag));
40 }
41
42 uint64_t rcvLen;
43 ssize_t sz = files_readFromFd(_HF_PERSISTENT_FD, (uint8_t*)&rcvLen, sizeof(rcvLen));
44 if (sz == -1) {
45 PLOG_F("readFromFd(fd=%d, size=%zu) failed", _HF_PERSISTENT_FD, sizeof(rcvLen));
46 }
47 if (sz != sizeof(rcvLen)) {
48 LOG_F("readFromFd(fd=%d, size=%zu) failed, received=%zd bytes", _HF_PERSISTENT_FD,
49 sizeof(rcvLen), sz);
50 }
51
52 *buf_ptr = inputFile;
53 *len_ptr = (size_t)rcvLen;
54 }
55
fetchIsInputAvailable(void)56 bool fetchIsInputAvailable(void) {
57 LOG_D("Current module: %s", LIBHFUZZ_module_fetch);
58 return (inputFile != NULL);
59 }
60