aboutsummaryrefslogtreecommitdiff
path: root/src/test/fuzz
diff options
context:
space:
mode:
authorMarcoFalke <falke.marco@gmail.com>2019-01-25 18:35:36 -0500
committerMarcoFalke <falke.marco@gmail.com>2019-01-29 19:03:06 -0500
commit2ca632e5b44a8385989c8539cc4e30e60fdee16c (patch)
tree86483d6d393f2e883114fa199914123a72232945 /src/test/fuzz
parentfab4bed68a3964ace5620a25d32d62ed87003126 (diff)
test: Build fuzz targets into seperate executables
Diffstat (limited to 'src/test/fuzz')
-rw-r--r--src/test/fuzz/fuzz.cpp77
-rw-r--r--src/test/fuzz/fuzz.h17
2 files changed, 94 insertions, 0 deletions
diff --git a/src/test/fuzz/fuzz.cpp b/src/test/fuzz/fuzz.cpp
new file mode 100644
index 0000000000..0709da5563
--- /dev/null
+++ b/src/test/fuzz/fuzz.cpp
@@ -0,0 +1,77 @@
+// Copyright (c) 2009-2019 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <test/fuzz/fuzz.h>
+
+#include <unistd.h>
+
+#include <pubkey.h>
+#include <util/memory.h>
+
+
+static bool read_stdin(std::vector<uint8_t>& data)
+{
+ uint8_t buffer[1024];
+ ssize_t length = 0;
+ while ((length = read(STDIN_FILENO, buffer, 1024)) > 0) {
+ data.insert(data.end(), buffer, buffer + length);
+
+ if (data.size() > (1 << 20)) return false;
+ }
+ return length == 0;
+}
+
+static void initialize()
+{
+ const static auto verify_handle = MakeUnique<ECCVerifyHandle>();
+}
+
+// This function is used by libFuzzer
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+ test_one_input(std::vector<uint8_t>(data, data + size));
+ return 0;
+}
+
+// This function is used by libFuzzer
+extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv)
+{
+ initialize();
+ return 0;
+}
+
+// Disabled under WIN32 due to clash with Cygwin's WinMain.
+#ifndef WIN32
+// Declare main(...) "weak" to allow for libFuzzer linking. libFuzzer provides
+// the main(...) function.
+__attribute__((weak))
+#endif
+int main(int argc, char **argv)
+{
+ initialize();
+#ifdef __AFL_INIT
+ // Enable AFL deferred forkserver mode. Requires compilation using
+ // afl-clang-fast++. See fuzzing.md for details.
+ __AFL_INIT();
+#endif
+
+#ifdef __AFL_LOOP
+ // Enable AFL persistent mode. Requires compilation using afl-clang-fast++.
+ // See fuzzing.md for details.
+ while (__AFL_LOOP(1000)) {
+ std::vector<uint8_t> buffer;
+ if (!read_stdin(buffer)) {
+ continue;
+ }
+ test_one_input(buffer);
+ }
+#else
+ std::vector<uint8_t> buffer;
+ if (!read_stdin(buffer)) {
+ return 0;
+ }
+ test_one_input(buffer);
+#endif
+ return 0;
+}
diff --git a/src/test/fuzz/fuzz.h b/src/test/fuzz/fuzz.h
new file mode 100644
index 0000000000..ad62a5faf0
--- /dev/null
+++ b/src/test/fuzz/fuzz.h
@@ -0,0 +1,17 @@
+// Copyright (c) 2009-2019 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_TEST_FUZZ_FUZZ_H
+#define BITCOIN_TEST_FUZZ_FUZZ_H
+
+#include <functional>
+#include <stdint.h>
+#include <vector>
+
+
+const std::function<std::string(const char*)> G_TRANSLATION_FUN = nullptr;
+
+void test_one_input(std::vector<uint8_t> buffer);
+
+#endif // BITCOIN_TEST_FUZZ_FUZZ_H