From 78e6bbffd9ffad6550be613a298eb335122c9dd8 Mon Sep 17 00:00:00 2001
From: Dominik Loidolt <dominik.loidolt@univie.ac.at>
Date: Wed, 22 Jan 2025 09:54:58 +0100
Subject: [PATCH] Refactor cmp_tool fuzzing

---
 test/fuzz/fuzz_cmp_tool.c      |  3 ++-
 test/fuzz/fuzz_data_producer.h | 28 ++++++++++++++++++++--------
 test/fuzz/fuzz_helpers.c       |  7 ++-----
 3 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/test/fuzz/fuzz_cmp_tool.c b/test/fuzz/fuzz_cmp_tool.c
index 183d58a..0fab499 100644
--- a/test/fuzz/fuzz_cmp_tool.c
+++ b/test/fuzz/fuzz_cmp_tool.c
@@ -59,7 +59,8 @@ static int gen_argv(FUZZ_dataProducer_t *producer, char **argv, const char *data
 
 	/* Add optional arguments no the end so they have higher priority */
 	end = argc-1;
-	add_argument_with_file(argv, end--, "-o", "/tmp/fuzz-output-cmp_tool");
+	/* TODO: How to clean up written stuff by the cmp_tool? */
+	add_argument_with_file(argv, end--, "-o", FUZZ_TMP_DIR "/fuzz-output-cmp_tool");
 	if (FUZZ_dataProducer_uint32Range(producer, 0, 1))
 		add_argument_with_file(argv, end--, "-d", data_file);
 	if (FUZZ_dataProducer_uint32Range(producer, 0, 1))
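Review bot: The `-o` target passed in gen_argv is still a fixed, predictable name, now under `FUZZ_TMP_DIR` (`/dev/shm` or `/tmp`), and both are normally shared, world-writable directories. Parallel fuzz workers will all write to the same name. On a multi-user host, a file or symlink already present at that path could be written through, depending on how cmp_tool opens its outputs, which this hunk does not show. I would create one private directory per process with `mkdtemp()` on a template such as `FUZZ_TMP_DIR "/fuzz-cmp_tool-XXXXXX"` and place the output name inside it. That would also settle the new TODO, because the whole directory can be removed after each run. gen_argv starts and ends outside this hunk.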
diff --git a/test/fuzz/fuzz_data_producer.h b/test/fuzz/fuzz_data_producer.h
index cdccd16..c5d4891 100644
--- a/test/fuzz/fuzz_data_producer.h
+++ b/test/fuzz/fuzz_data_producer.h
@@ -29,13 +29,21 @@
 #ifndef FUZZ_DATA_PRODUCER_H
 #define FUZZ_DATA_PRODUCER_H
 
+
 #include <stddef.h>
 #include <stdint.h>
-#include <stdio.h>
 #include <stdlib.h>
 
 #include <cmp_chunk.h>
 
+
+#ifdef __APPLE__
+#  define FUZZ_TMP_DIR "/tmp"
+#else
+#  define FUZZ_TMP_DIR "/dev/shm"
+#endif
+
+
 /* Struct used for maintaining the state of the data */
 typedef struct FUZZ_dataProducer_s FUZZ_dataProducer_t;
 
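Review bot: `FUZZ_TMP_DIR` is defined unconditionally and without a comment, so a host where `/dev/shm` is not mounted (some containers, non-Linux non-Apple systems) has no way to redirect the temporary files short of editing the header. Wrapping the block in `#ifndef FUZZ_TMP_DIR` ... `#endif` would let the build override it with `-DFUZZ_TMP_DIR=...`. A one-line comment would help too, e.g. `/* Directory for temporary fuzz files; must exist and be writable */`. The macro also fits better in fuzz_helpers.h than in the data-producer header, since fuzz_helpers.c now includes fuzz_data_producer.h apparently only to get it.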
@@ -47,14 +55,14 @@ void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer);
 
 /* Returns value between [min, max] */
 uint32_t FUZZ_dataProducer_uint32Range(FUZZ_dataProducer_t *producer, uint32_t min,
-                                  uint32_t max);
+				  uint32_t max);
 
 /* Returns a uint32 value */
 uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer);
 
 /* Returns a signed value between [min, max] */
 int32_t FUZZ_dataProducer_int32Range(FUZZ_dataProducer_t *producer,
-                                    int32_t min, int32_t max);
+				    int32_t min, int32_t max);
 
 /* Provides compression parameters */
 void FUZZ_dataProducer_cmp_par(FUZZ_dataProducer_t *producer, struct cmp_par *cmp_par);
@@ -69,12 +77,16 @@ void FUZZ_dataProducer_rollBack(FUZZ_dataProducer_t *producer, size_t remainingB
 int FUZZ_dataProducer_empty(FUZZ_dataProducer_t *producer);
 
 /* Restricts the producer to only the last newSize bytes of data.
-If newSize > current data size, nothing happens. Returns the number of bytes
-the producer won't use anymore, after contracting. */
+ * If newSize > current data size, nothing happens. Returns the number of bytes
+ * the producer won't use anymore, after contracting.
+ */
 size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize);
 
-/* Restricts the producer to use only the last X bytes of data, where X is
- a random number in the interval [0, data_size]. Returns the size of the
- remaining data the producer won't use anymore (the prefix). */
+/* Restricts the producer to use only the last X bytes of data, where X is a
+ * random number in the interval [0, data_size]. Returns the size of the
+ * remaining data the producer won't use anymore (the prefix).
+ */
 size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer);
+
+
 #endif // FUZZ_DATA_PRODUCER_H
diff --git a/test/fuzz/fuzz_helpers.c b/test/fuzz/fuzz_helpers.c
index 7a150b6..55b6cdf 100644
--- a/test/fuzz/fuzz_helpers.c
+++ b/test/fuzz/fuzz_helpers.c
@@ -30,6 +30,7 @@
 #include <errno.h>
 
 #include "fuzz_helpers.h"
+#include "fuzz_data_producer.h"
 
 
 void *FUZZ_malloc(size_t size)
@@ -61,11 +62,7 @@ char *FUZZ_buf_to_file(const uint8_t *buf, size_t size)
 	int fd, ret_close;
 	size_t pos = 0;
 
-#ifdef __APPLE__
-	char *path_name = strdup("/tmp/fuzz-XXXXXX");
-#else
-	char *path_name = strdup("/dev/shm/fuzz-XXXXXX");
-#endif
+	char *path_name = strdup(FUZZ_TMP_DIR "/fuzz-XXXXXX");
 
 	FUZZ_ASSERT(path_name != NULL);
 
-- 
GitLab