1 #ifndef FUZZER_COMMON_H
2 #define FUZZER_COMMON_H
3
4 // Copyright (c) 2019, Paul Dreik
5 // License: see LICENSE.rst in the fmt root directory
6
7 #include <cstdint> // std::uint8_t
8 #include <cstring> // memcpy
9 #include <type_traits> // trivially copyable
10
11 // one can format to either a string, or a buf. buf is faster,
12 // but one may be interested in formatting to a string instead to
13 // verify it works as intended. to avoid a combinatoric explosion,
14 // select this at compile time instead of dynamically from the fuzz data
15 #define FMT_FUZZ_FORMAT_TO_STRING 0
16
17 // if fmt is given a buffer that is separately allocated,
18 // chances that address sanitizer detects out of bound reads is
19 // much higher. However, it slows down the fuzzing.
20 #define FMT_FUZZ_SEPARATE_ALLOCATION 1
21
22 // To let the the fuzzer mutation be efficient at cross pollinating
23 // between different types, use a fixed size format.
24 // The same bit pattern, interpreted as another type,
25 // is likely interesting.
26 // For this, we must know the size of the largest possible type in use.
27
28 // There are some problems on travis, claiming Nfixed is not a constant
29 // expression which seems to be an issue with older versions of libstdc++
30 #if _GLIBCXX_RELEASE >= 7
31 # include <algorithm>
32 namespace fmt_fuzzer {
33 constexpr auto Nfixed = std::max(sizeof(long double), sizeof(std::intmax_t));
34 }
35 #else
36 namespace fmt_fuzzer {
37 constexpr auto Nfixed = 16;
38 }
39 #endif
40
41 namespace fmt_fuzzer {
42 // view data as a c char pointer.
as_chars(const T * data)43 template <typename T> inline const char* as_chars(const T* data) {
44 return static_cast<const char*>(static_cast<const void*>(data));
45 }
46
47 // view data as a byte pointer
as_bytes(const T * data)48 template <typename T> inline const std::uint8_t* as_bytes(const T* data) {
49 return static_cast<const std::uint8_t*>(static_cast<const void*>(data));
50 }
51
52 // blits bytes from Data to form an (assumed trivially constructible) object
53 // of type Item
assignFromBuf(const std::uint8_t * Data)54 template <class Item> inline Item assignFromBuf(const std::uint8_t* Data) {
55 Item item{};
56 std::memcpy(&item, Data, sizeof(Item));
57 return item;
58 }
59
60 // reads a boolean value by looking at the first byte from Data
61 template <> inline bool assignFromBuf<bool>(const std::uint8_t* Data) {
62 return !!Data[0];
63 }
64
65 } // namespace fmt_fuzzer
66
67 #endif // FUZZER_COMMON_H
68