openssl/fuzz/driver.c

/*
 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * https://www.openssl.org/source/license.html
 * or in the file LICENSE in the source distribution.
 */
#include <stdint.h>
#include <unistd.h>
#include <stdlib.h>
#include <openssl/opensslconf.h>
#include "fuzzer.h"

#ifndef OPENSSL_NO_FUZZ_LIBFUZZER

int LLVMFuzzerInitialize(int *argc, char ***argv);
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);

int LLVMFuzzerInitialize(int *argc, char ***argv)
{
    return FuzzerInitialize(argc, argv);
}

int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
{
    return FuzzerTestOneInput(buf, len);
}

#elif !defined(OPENSSL_NO_FUZZ_AFL)

#define BUF_SIZE 65536

int main(int argc, char** argv)
{
    FuzzerInitialize(&argc, &argv);

    while (__AFL_LOOP(10000)) {
        uint8_t *buf = malloc(BUF_SIZE);
        size_t size = read(0, buf, BUF_SIZE);

        FuzzerTestOneInput(buf, size);
        free(buf);
    }

    FuzzerCleanup();
    return 0;
}

#else

#error "Unsupported fuzzer"

#endif
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`/*`
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7176) 2018-09-11 20:22:14 +08:00			`* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`*`
Following the license change, modify the boilerplates in fuzz/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7833) 2018-12-06 21:07:47 +08:00			`* Licensed under the Apache License 2.0 (the "License");`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`* https://www.openssl.org/source/license.html`
			`* or in the file LICENSE in the source distribution.`
			`*/`
			`#include <stdint.h>`
			`#include <unistd.h>`
include stdlib for malloc() and free() Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1174 2016-06-06 02:51:04 +08:00			`#include <stdlib.h>`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`#include <openssl/opensslconf.h>`
			`#include "fuzzer.h"`

			`#ifndef OPENSSL_NO_FUZZ_LIBFUZZER`

fuzz/driver.c: appease -Wmissing-prototypes Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/7138) 2018-09-06 21:51:43 +08:00			`int LLVMFuzzerInitialize(int argc, char **argv);`
			`int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);`

Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`int LLVMFuzzerInitialize(int argc, char **argv)`
			`{`
FuzzerInitialize always exists There was a time it could be NULL, but that was changed to always have it. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023 2016-11-20 00:12:11 +08:00			`return FuzzerInitialize(argc, argv);`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`}`

Fix formatting of fuzzers Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023 2016-11-20 00:10:35 +08:00			`int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)`
			`{`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`return FuzzerTestOneInput(buf, len);`
			`}`

			`#elif !defined(OPENSSL_NO_FUZZ_AFL)`

			`#define BUF_SIZE 65536`

			`int main(int argc, char** argv)`
			`{`
FuzzerInitialize always exists There was a time it could be NULL, but that was changed to always have it. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023 2016-11-20 00:12:11 +08:00			`FuzzerInitialize(&argc, &argv);`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00
			`while (__AFL_LOOP(10000)) {`
			`uint8_t *buf = malloc(BUF_SIZE);`
			`size_t size = read(0, buf, BUF_SIZE);`

			`FuzzerTestOneInput(buf, size);`
			`free(buf);`
			`}`
Add a FuzzerClean() function This allows to free everything we allocated, so we can detect memory leaks. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023 2016-11-20 00:13:10 +08:00
			`FuzzerCleanup();`
Add support for fuzzing with AFL Reviewed-by: Ben Laurie <ben@links.org> MR: #2740 2016-05-08 04:09:13 +08:00			`return 0;`
			`}`

			`#else`

			`#error "Unsupported fuzzer"`

			`#endif`