1 // Copyright 2020 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 // Example of a standalone runner for "fuzz targets".
16 // It reads all files passed as parameters and feeds their contents
17 // one by one into the fuzz target (LLVMFuzzerTestOneInput).
18 // This runner does not do any fuzzing, but allows us to run the fuzz target
19 // on the test corpus (e.g. "do_stuff_test_data") or on a single file,
20 // e.g. the one that comes from a bug report.
21
22 #include <cassert>
23 #include <iostream>
24 #include <fstream>
25 #include <vector>
26
27 // Forward declare the "fuzz target" interface.
28 // We deliberately keep this inteface simple and header-free.
29 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
30
main(int argc,char ** argv)31 int main(int argc, char **argv) {
32 for (int i = 1; i < argc; i++) {
33 std::ifstream in(argv[i]);
34 in.seekg(0, in.end);
35 size_t length = in.tellg();
36 in.seekg (0, in.beg);
37 std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl;
38 // Allocate exactly length bytes so that we reliably catch buffer overflows.
39 std::vector<char> bytes(length);
40 in.read(bytes.data(), bytes.size());
41 assert(in);
42 LLVMFuzzerTestOneInput(reinterpret_cast<const uint8_t *>(bytes.data()),
43 bytes.size());
44 std::cout << "Execution successful" << std::endl;
45 }
46 return 0;
47 }
48