1 /* Copyright 2021 Google LLC
2 Licensed under the Apache License, Version 2.0 (the "License");
3 you may not use this file except in compliance with the License.
4 You may obtain a copy of the License at
5 http://www.apache.org/licenses/LICENSE-2.0
6 Unless required by applicable law or agreed to in writing, software
7 distributed under the License is distributed on an "AS IS" BASIS,
8 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
9 See the License for the specific language governing permissions and
10 limitations under the License.
11 */
12
13 #include <fuzzer/FuzzedDataProvider.h>
14 #include <assert.h>
15
16 FuzzedDataProvider *prov = NULL;
17
fuzz_random_init(const uint8_t * data,size_t size)18 extern "C" void fuzz_random_init(const uint8_t *data, size_t size) {
19 assert(prov == NULL);
20 prov = new FuzzedDataProvider(data, size);
21 }
22
fuzz_random_destroy()23 extern "C" void fuzz_random_destroy() {
24 assert(prov != NULL);
25 delete prov;
26 prov = NULL;
27 }
28
get_random_string()29 extern "C" char *get_random_string() {
30 assert(prov != NULL);
31
32 std::string s1 = prov->ConsumeRandomLengthString();
33 char *tmp = (char *)malloc(s1.size() + 1);
34 memcpy(tmp, s1.c_str(), s1.size());
35 tmp[s1.size()] = '\0';
36 return tmp;
37 }
38
fuzz_randomizer_get_int(int min,int max)39 extern "C" int fuzz_randomizer_get_int(int min, int max) {
40 assert(prov != NULL);
41 return prov->ConsumeIntegralInRange<int>(min, max);
42 }
43
fuzz_random_get_string_max_length(int max_len)44 extern "C" char *fuzz_random_get_string_max_length(int max_len) {
45 assert(prov != NULL);
46
47 std::string s1 = prov->ConsumeBytesAsString(
48 prov->ConsumeIntegralInRange<uint32_t>(1, max_len));
49 char *tmp123 = (char*)malloc(s1.size()+1);
50 memcpy(tmp123, s1.c_str(), s1.size());
51 tmp123[s1.size()] = '\0';
52
53 return tmp123;
54 }
55
fuzz_get_random_data(void * buf,size_t len)56 extern "C" size_t fuzz_get_random_data(void *buf, size_t len) {
57 assert(prov != NULL);
58 size_t ret_val;
59 char *cbuf = (char*)buf;
60
61 if (prov->remaining_bytes() == 0) {
62 return -1;
63 }
64
65 double prob = prov->ConsumeProbability<double>();
66 if (prob < 0.05) {
67 return 0;
68 }
69
70 //if (len == 1) {
71 // ret_val = prov->ConsumeData(buf, 1);
72 // return ret_val;
73 //}
74 ret_val = prov->ConsumeData(buf, len);
75 return ret_val;
76 }
77
78
79 // Simple garbage collector
80 #define GB_SIZE 100
81 void *pointer_arr[GB_SIZE];
82 static int pointer_idx = 0;
83
84 // If the garbage collector is used then this must be called as first thing
85 // during a fuzz run.
gb_init()86 extern "C" void gb_init() {
87 pointer_idx = 0;
88
89 for (int i = 0; i < GB_SIZE; i++) {
90 pointer_arr[i] = NULL;
91 }
92 }
93
gb_cleanup()94 extern "C" void gb_cleanup() {
95 for(int i = 0; i < GB_SIZE; i++) {
96 if (pointer_arr[i] != NULL) {
97 free(pointer_arr[i]);
98 }
99 }
100 }
101
gb_get_random_string()102 extern "C" char *gb_get_random_string() {
103 char *tmp = get_random_string();
104 pointer_arr[pointer_idx++] = (void*)tmp;
105 return tmp;
106 }
107
108