aboutsummaryrefslogtreecommitdiff
path: root/test/fuzzer/OnlySomeBytesTest.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'test/fuzzer/OnlySomeBytesTest.cpp')
-rw-r--r--test/fuzzer/OnlySomeBytesTest.cpp40
1 files changed, 40 insertions, 0 deletions
diff --git a/test/fuzzer/OnlySomeBytesTest.cpp b/test/fuzzer/OnlySomeBytesTest.cpp
new file mode 100644
index 000000000000..076cda063459
--- /dev/null
+++ b/test/fuzzer/OnlySomeBytesTest.cpp
@@ -0,0 +1,40 @@
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+
+// Find ABCxxFxUxZxxx... (2048+ bytes, 'x' is any byte)
+#include <assert.h>
+#include <cstddef>
+#include <cstdint>
+#include <cstdlib>
+#include <cstring>
+#include <cstdio>
+
+const size_t N = 2048;
+typedef const uint8_t *IN;
+
+static volatile int one = 1;
+
+extern "C" {
+__attribute__((noinline)) void bad() {
+ fprintf(stderr, "BINGO\n");
+ if (one)
+ abort();
+}
+
+__attribute__((noinline)) void f0(IN in) {
+ uint32_t x = in[5] + 251 * in[7] + 251 * 251 * in[9];
+ if (x == 'F' + 251 * 'U' + 251 * 251 * 'Z')
+ bad();
+}
+
+__attribute__((noinline)) void fC(IN in) { if (in[2] == 'C') f0(in); }
+__attribute__((noinline)) void fB(IN in) { if (in[1] == 'B') fC(in); }
+__attribute__((noinline)) void fA(IN in) { if (in[0] == 'A') fB(in); }
+
+} // extern "C"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ if (Size < N) return 0;
+ fA((IN)Data);
+ return 0;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-11 14:52:42 +0000