authorNick Terrell <terrelln@fb.com>2019-07-13 02:27:00 (GMT)
committerNick Terrell <terrelln@fb.com>2019-07-15 19:22:04 (GMT)
commit3c40db8d258716b9efcfb46fa6dc29de6e43e616 (patch)
tree7fd1d48f6195dfde2c6475fe035a0061b948e9c3 /ossfuzz/fuzz.h
parent725cb0aafdf78b550c52618fe5cea1fadd278881 (diff)
[ossfuzz] Improve the fuzzers
* Run more decompression variants * Round trip the compression fuzzer and do partial decompression as well * Add a compression fuzzer that compresses into a smaller output buffer and test the destSize variant These fuzzers caught 2 bugs that were fixed in the previous commit. * Input buffer over-read in partial decompress * Partial decompress fails if output size is 0
Diffstat (limited to 'ossfuzz/fuzz.h')
-rw-r--r--ossfuzz/fuzz.h48
1 files changed, 48 insertions, 0 deletions
diff --git a/ossfuzz/fuzz.h b/ossfuzz/fuzz.h
new file mode 100644
index 0000000..eefac63
--- /dev/null
+++ b/ossfuzz/fuzz.h
@@ -0,0 +1,48 @@
+/**
+ * Fuzz target interface.
+ * Fuzz targets have some common parameters passed as macros during compilation.
+ * Check the documentation for each individual fuzzer for more parameters.
+ *
+ * @param FUZZ_RNG_SEED_SIZE:
+ * The number of bytes of the source to look at when constructing a seed
+ * for the deterministic RNG. These bytes are discarded before passing
+ * the data to lz4 functions. Every fuzzer initializes the RNG exactly
+ * once before doing anything else, even if it is unused.
+ * Default: 4.
+ * @param LZ4_DEBUG:
+ * This is a parameter for the lz4 library. Defining `LZ4_DEBUG=1`
+ * enables assert() statements in the lz4 library. Higher levels enable
+ * logging, so aren't recommended. Defining `LZ4_DEBUG=1` is
+ * recommended.
+ * @param LZ4_FORCE_MEMORY_ACCESS:
+ * This flag controls how the zstd library accesses unaligned memory.
+ * It can be undefined, or 0 through 2. If it is undefined, it selects
+ * the method to use based on the compiler. If testing with UBSAN set
+ * MEM_FORCE_MEMORY_ACCESS=0 to use the standard compliant method.
+ * @param FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ * This is the canonical flag to enable deterministic builds for fuzzing.
+ * Changes to zstd for fuzzing are gated behind this define.
+ * It is recommended to define this when building zstd for fuzzing.
+ */
+
+#ifndef FUZZ_H
+#define FUZZ_H
+
+#ifndef FUZZ_RNG_SEED_SIZE
+# define FUZZ_RNG_SEED_SIZE 4
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
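Review bot: The header comment documents `LZ4_FORCE_MEMORY_ACCESS` but then tells UBSAN users to set `MEM_FORCE_MEMORY_ACCESS=0`, a different macro name, and it refers to "the zstd library" both there and under `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION`. The text looks carried over from another project's fuzz header. Anyone following it literally would presumably define a macro that lz4 never reads, so the sanitizer build would not use the standard-compliant access path the comment promises. I would change the UBSAN sentence to `If testing with UBSAN set LZ4_FORCE_MEMORY_ACCESS=0 to use the standard compliant method.` and replace "zstd" with "lz4" in the three places it appears. It is also worth confirming that lz4 actually gates any fuzzing-specific changes behind `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION`; if it does not, soften that paragraph.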