mirror of
https://github.com/RPCSX/llvm.git
synced 2025-01-26 06:14:42 +00:00
[libFuzzer] move the mutators to public interface so that custom mutators may reuse these functions directly
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244250 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
parent
3dd7bf5e76
commit
397ed3e704
@ -29,15 +29,4 @@ UserSuppliedFuzzer::~UserSuppliedFuzzer() {
|
||||
delete Rand;
|
||||
}
|
||||
|
||||
size_t UserSuppliedFuzzer::BasicMutate(uint8_t *Data, size_t Size,
|
||||
size_t MaxSize) {
|
||||
return ::fuzzer::Mutate(Data, Size, MaxSize, *Rand);
|
||||
}
|
||||
size_t UserSuppliedFuzzer::BasicCrossOver(const uint8_t *Data1, size_t Size1,
|
||||
const uint8_t *Data2, size_t Size2,
|
||||
uint8_t *Out, size_t MaxOutSize) {
|
||||
return ::fuzzer::CrossOver(Data1, Size1, Data2, Size2, Out, MaxOutSize,
|
||||
*Rand);
|
||||
}
|
||||
|
||||
} // namespace fuzzer.
|
||||
|
@ -62,6 +62,34 @@ class FuzzerRandomLibc : public FuzzerRandomBase {
|
||||
size_t Rand() override;
|
||||
};
|
||||
|
||||
|
||||
/// Mutates data by shuffling bytes.
|
||||
size_t Mutate_ShuffleBytes(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
/// Mutates data by erasing a byte.
|
||||
size_t Mutate_EraseByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
/// Mutates data by inserting a byte.
|
||||
size_t Mutate_InsertByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
/// Mutates data by chanding one byte.
|
||||
size_t Mutate_ChangeByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
/// Mutates data by chanding one bit.
|
||||
size_t Mutate_ChangeBit(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
|
||||
/// Applies one of the above mutations.
|
||||
/// Returns the new size of data which could be up to MaxSize.
|
||||
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
|
||||
/// Creates a cross-over of two pieces of Data, returns its size.
|
||||
size_t CrossOver(const uint8_t *Data1, size_t Size1, const uint8_t *Data2,
|
||||
size_t Size2, uint8_t *Out, size_t MaxOutSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
|
||||
|
||||
/** An abstract class that allows to use user-supplied mutators with libFuzzer.
|
||||
|
||||
Usage:
|
||||
@ -94,25 +122,20 @@ class UserSuppliedFuzzer {
|
||||
/// Mutates 'Size' bytes of data in 'Data' inplace into up to 'MaxSize' bytes,
|
||||
/// returns the new size of the data, which should be positive.
|
||||
virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) {
|
||||
return BasicMutate(Data, Size, MaxSize);
|
||||
return ::fuzzer::Mutate(Data, Size, MaxSize, GetRand());
|
||||
}
|
||||
/// Crosses 'Data1' and 'Data2', writes up to 'MaxOutSize' bytes into Out,
|
||||
/// returns the number of bytes written, which should be positive.
|
||||
virtual size_t CrossOver(const uint8_t *Data1, size_t Size1,
|
||||
const uint8_t *Data2, size_t Size2,
|
||||
uint8_t *Out, size_t MaxOutSize) {
|
||||
return BasicCrossOver(Data1, Size1, Data2, Size2, Out, MaxOutSize);
|
||||
return ::fuzzer::CrossOver(Data1, Size1, Data2, Size2, Out, MaxOutSize,
|
||||
GetRand());
|
||||
}
|
||||
virtual ~UserSuppliedFuzzer();
|
||||
|
||||
FuzzerRandomBase &GetRand() { return *Rand; }
|
||||
|
||||
protected:
|
||||
/// These can be called internally by Mutate and CrossOver.
|
||||
size_t BasicMutate(uint8_t *Data, size_t Size, size_t MaxSize);
|
||||
size_t BasicCrossOver(const uint8_t *Data1, size_t Size1,
|
||||
const uint8_t *Data2, size_t Size2,
|
||||
uint8_t *Out, size_t MaxOutSize);
|
||||
private:
|
||||
bool OwnRand = false;
|
||||
FuzzerRandomBase *Rand;
|
||||
|
@ -33,23 +33,6 @@ void CopyFileToErr(const std::string &Path);
|
||||
std::string DirPlusFile(const std::string &DirPath,
|
||||
const std::string &FileName);
|
||||
|
||||
size_t Mutate_ShuffleBytes(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
size_t Mutate_EraseByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
size_t Mutate_InsertByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
size_t Mutate_ChangeByte(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
size_t Mutate_ChangeBit(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
|
||||
size_t CrossOver(const uint8_t *Data1, size_t Size1, const uint8_t *Data2,
|
||||
size_t Size2, uint8_t *Out, size_t MaxOutSize,
|
||||
FuzzerRandomBase &Rand);
|
||||
|
||||
void Printf(const char *Fmt, ...);
|
||||
void Print(const Unit &U, const char *PrintAfter = "");
|
||||
void PrintASCII(const Unit &U, const char *PrintAfter = "");
|
||||
|
@ -37,8 +37,8 @@ class MyFuzzer : public fuzzer::UserSuppliedFuzzer {
|
||||
Size = sizeof(kMagic);
|
||||
// "Fix" the data, then mutate.
|
||||
memcpy(Data, &kMagic, std::min(MaxSize, sizeof(kMagic)));
|
||||
return BasicMutate(Data + sizeof(kMagic), Size - sizeof(kMagic),
|
||||
MaxSize - sizeof(kMagic));
|
||||
return fuzzer::UserSuppliedFuzzer::Mutate(
|
||||
Data + sizeof(kMagic), Size - sizeof(kMagic), MaxSize - sizeof(kMagic));
|
||||
}
|
||||
// No need to redefine CrossOver() here.
|
||||
};
|
||||
|
Loading…
x
Reference in New Issue
Block a user