1 // Copyright 2019 The Chromium OS Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #![no_main] 6 7 use base::FileReadWriteAtVolatile; 8 use cros_fuzz::fuzz_target; 9 use data_model::VolatileSlice; 10 use disk::QcowFile; 11 12 use std::io::{Cursor, Read, Seek, SeekFrom, Write}; 13 use std::mem::size_of; 14 15 // Take the first 64 bits of data as an address and the next 64 bits as data to 16 // store there. The rest of the data is used as a qcow image. 17 fuzz_target!(|bytes| { 18 if bytes.len() < 16 { 19 // Need an address and data, each are 8 bytes. 20 return; 21 } 22 let mut disk_image = Cursor::new(bytes); 23 let addr = read_u64(&mut disk_image); 24 let value = read_u64(&mut disk_image); 25 let max_nesting_depth = 10; 26 let mut disk_file = tempfile::tempfile().unwrap(); 27 disk_file.write_all(&bytes[16..]).unwrap(); 28 disk_file.seek(SeekFrom::Start(0)).unwrap(); 29 if let Ok(mut qcow) = QcowFile::from(disk_file, max_nesting_depth) { 30 let mut mem = value.to_le_bytes().to_owned(); 31 let vslice = VolatileSlice::new(&mut mem); 32 let _ = qcow.write_all_at_volatile(vslice, addr); 33 } 34 }); 35 read_u64<T: Read>(readable: &mut T) -> u6436fn read_u64<T: Read>(readable: &mut T) -> u64 { 37 let mut buf = [0u8; size_of::<u64>()]; 38 readable.read_exact(&mut buf[..]).unwrap(); 39 u64::from_le_bytes(buf) 40 } 41