llvm.org GIT mirror llvm / 49429ce
[libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260810 91177308-0d34-0410-b5e6-96231b3b80d8 Kostya Serebryany 4 years ago
5 changed file(s) with 21 addition(s) and 12 deletion(s). Raw diff Collapse all Expand all
6969 */
7070 int FuzzerDriver(int argc, char **argv, UserCallback Callback);
7171
72 // Same interface as LLVMFuzzerTestOneInput.
72 // Mutates raw data in [Data, Data+Size] inplace.
73 // Returns the new size, which is not greater than MaxSize.
7374 // Can be used inside the user-supplied LLVMFuzzerTestOneInput.
74 size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize, unsigned int Seed);
75 size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize);
7576
7677 } // namespace fuzzer
7778
321321
322322 // Merge Corpora[1:] into Corpora[0].
323323 void Merge(const std::vector &Corpora);
324 MutationDispatcher &GetMD() { return MD; }
324325
325326 private:
326327 void AlarmCallback();
5858
5959 // Only one Fuzzer per process.
6060 static Fuzzer *F;
61
62 size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) {
63 assert(F);
64 return F->GetMD().Mutate(Data, Size, MaxSize);
65 }
6166
6267 Fuzzer::Fuzzer(UserCallback CB, MutationDispatcher &MD, FuzzingOptions Options)
6368 : CB(CB), MD(MD), Options(Options) {
3232 {&MutationDispatcher::Mutate_AddWordFromPersistentAutoDictionary,
3333 "AddFromPersAutoDict"},
3434 };
35
36 size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize, unsigned int Seed) {
37 Random R(Seed);
38 MutationDispatcher MD(R);
39 return MD.Mutate(Data, Size, MaxSize);
40 }
4135
4236 static char FlipRandomBit(char X, Random &Rand) {
4337 int Bit = Rand(8);
66
77 #include "FuzzerInterface.h"
88
9 static volatile int Sink;
10
911 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
1012 assert(Data);
11 if (Size > 0 && Data[0] == 'F') {
12 std::cout << "BINGO; Found the target, exiting\n";
13 exit(1);
13 if (Size > 0 && Data[0] == 'H') {
14 Sink = 1;
15 if (Size > 1 && Data[1] == 'i') {
16 Sink = 2;
17 if (Size > 2 && Data[2] == '!') {
18 std::cout << "BINGO; Found the target, exiting\n";
19 exit(1);
20 }
21 }
1422 }
1523 return 0;
1624 }
2230 std::cerr << "In LLVMFuzzerCustomMutator\n";
2331 Printed = true;
2432 }
25 return fuzzer::Mutate(Data, Size, MaxSize, Seed);
33 return fuzzer::Mutate(Data, Size, MaxSize);
2634 }