Refactor cmp_tool fuzzing

78e6bbff · Dominik Loidolt · bd0a4667 · 78e6bbff · 78e6bbff · 78e6bbff
Commit 78e6bbff authored 3 months ago by Dominik Loidolt
--- a/test/fuzz/fuzz_cmp_tool.c
+++ b/test/fuzz/fuzz_cmp_tool.c
@@ -59,7 +59,8 @@ static int gen_argv(FUZZ_dataProducer_t *producer, char **argv, const char *data
 	/* Add optional arguments no the end so they have higher priority */
 	end = argc-1;
-	add_argument_with_file(argv, end--, "-o", "/tmp/fuzz-output-cmp_tool");
+	/* TODO: How to clean up written stuff by the cmp_tool? */
+	add_argument_with_file(argv, end--, "-o", FUZZ_TMP_DIR "/fuzz-output-cmp_tool");
 	if (FUZZ_dataProducer_uint32Range(producer, 0, 1))
 		add_argument_with_file(argv, end--, "-d", data_file);
 	if (FUZZ_dataProducer_uint32Range(producer, 0, 1))

--- a/test/fuzz/fuzz_data_producer.h
+++ b/test/fuzz/fuzz_data_producer.h
@@ -29,13 +29,21 @@
 #ifndef FUZZ_DATA_PRODUCER_H
 #define FUZZ_DATA_PRODUCER_H
 #include <stddef.h>
 #include <stdint.h>
-#include <stdio.h>
 #include <stdlib.h>
 #include <cmp_chunk.h>
+#ifdef __APPLE__
+#  define FUZZ_TMP_DIR "/tmp"
+#else
+#  define FUZZ_TMP_DIR "/dev/shm"
+#endif
 /* Struct used for maintaining the state of the data */
 typedef struct FUZZ_dataProducer_s FUZZ_dataProducer_t;
@@ -47,14 +55,14 @@ void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer);
 /* Returns value between [min, max] */
 uint32_t FUZZ_dataProducer_uint32Range(FUZZ_dataProducer_t *producer, uint32_t min,
-                                  uint32_t max);
+				  uint32_t max);
 /* Returns a uint32 value */
 uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer);
 /* Returns a signed value between [min, max] */
 int32_t FUZZ_dataProducer_int32Range(FUZZ_dataProducer_t *producer,
-                                    int32_t min, int32_t max);
+				    int32_t min, int32_t max);
 /* Provides compression parameters */
 void FUZZ_dataProducer_cmp_par(FUZZ_dataProducer_t *producer, struct cmp_par *cmp_par);
@@ -69,12 +77,16 @@ void FUZZ_dataProducer_rollBack(FUZZ_dataProducer_t *producer, size_t remainingB
 int FUZZ_dataProducer_empty(FUZZ_dataProducer_t *producer);
 /* Restricts the producer to only the last newSize bytes of data.
-If newSize > current data size, nothing happens. Returns the number of bytes
+ * If newSize > current data size, nothing happens. Returns the number of bytes
-the producer won't use anymore, after contracting. */
+ * the producer won't use anymore, after contracting.
+ */
 size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize);
-/* Restricts the producer to use only the last X bytes of data, where X is
+/* Restricts the producer to use only the last X bytes of data, where X is a
- a random number in the interval [0, data_size]. Returns the size of the
+ * random number in the interval [0, data_size]. Returns the size of the
- remaining data the producer won't use anymore (the prefix). */
+ * remaining data the producer won't use anymore (the prefix).
+ */
 size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer);
 #endif // FUZZ_DATA_PRODUCER_H
--- a/test/fuzz/fuzz_helpers.c
+++ b/test/fuzz/fuzz_helpers.c
@@ -30,6 +30,7 @@
 #include <errno.h>
 #include "fuzz_helpers.h"
+#include "fuzz_data_producer.h"
 void *FUZZ_malloc(size_t size)
@@ -61,11 +62,7 @@ char *FUZZ_buf_to_file(const uint8_t *buf, size_t size)
 	int fd, ret_close;
 	size_t pos = 0;
-#ifdef __APPLE__
+	char *path_name = strdup(FUZZ_TMP_DIR "/fuzz-XXXXXX");
-	char *path_name = strdup("/tmp/fuzz-XXXXXX");
-#else
-	char *path_name = strdup("/dev/shm/fuzz-XXXXXX");
-#endif
 	FUZZ_ASSERT(path_name != NULL);