RPCSX/llvm
1
0
Fork 0
mirror of https://github.com/RPCSX/llvm.git synced 2024-12-04 18:06:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[libFuzzer] move some code from public interface header to a non-public header. NFC

Browse Source 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257963 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Kostya Serebryany 2016-01-16 00:04:36 +00:00
parent 2389b80cea
commit f7dd1d2c0c
4 changed files with 90 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
lib/Fuzzer/FuzzerInterface.cpp
View File

@ -20,11 +20,30 @@ void FuzzerRandomLibc::ResetSeed(unsigned int seed) { srand(seed); }
size_t FuzzerRandomLibc::Rand() { return rand(); }
UserSuppliedFuzzer::UserSuppliedFuzzer(FuzzerRandomBase *Rand)
: Rand(Rand), MD(*Rand) {}
: Rand(Rand), MD(new MutationDispatcher(*Rand)) {}
UserSuppliedFuzzer::~UserSuppliedFuzzer() {
if (OwnRand)
delete Rand;
delete MD;
}
size_t UserSuppliedFuzzer::Mutate(uint8_t *Data, size_t Size, size_t MaxSize) {
return GetMD().Mutate(Data, Size, MaxSize);
}
size_t UserSuppliedFuzzer::CrossOver(const uint8_t *Data1, size_t Size1,
const uint8_t *Data2, size_t Size2,
uint8_t *Out, size_t MaxOutSize) {
return GetMD().CrossOver(Data1, Size1, Data2, Size2, Out, MaxOutSize);
}
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize,
FuzzerRandomBase &Rand) {
MutationDispatcher MD(Rand);
return MD.Mutate(Data, Size, MaxSize);
}
} // namespace fuzzer.

85
lib/Fuzzer/FuzzerInterface.h
View File

@ -68,73 +68,11 @@ class FuzzerRandomLibc : public FuzzerRandomBase {
size_t Rand() override;
};
class MutationDispatcher {
public:
MutationDispatcher(FuzzerRandomBase &Rand);
~MutationDispatcher();
/// Indicate that we are about to start a new sequence of mutations.
void StartMutationSequence();
/// Print the current sequence of mutations.
void PrintMutationSequence();
/// Indicate that the current sequence of mutations was successfull.
void RecordSuccessfulMutationSequence();
/// Mutates data by shuffling bytes.
size_t Mutate_ShuffleBytes(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by erasing a byte.
size_t Mutate_EraseByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by inserting a byte.
size_t Mutate_InsertByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by chanding one byte.
size_t Mutate_ChangeByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by chanding one bit.
size_t Mutate_ChangeBit(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by adding a word from the manual dictionary.
size_t Mutate_AddWordFromManualDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Mutates data by adding a word from the temporary automatic dictionary.
size_t Mutate_AddWordFromTemporaryAutoDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Mutates data by adding a word from the persistent automatic dictionary.
size_t Mutate_AddWordFromPersistentAutoDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Tries to find an ASCII integer in Data, changes it to another ASCII int.
size_t Mutate_ChangeASCIIInteger(uint8_t *Data, size_t Size, size_t MaxSize);
/// CrossOver Data with some other element of the corpus.
size_t Mutate_CrossOver(uint8_t *Data, size_t Size, size_t MaxSize);
/// Applies one of the above mutations.
/// Returns the new size of data which could be up to MaxSize.
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize);
/// Creates a cross-over of two pieces of Data, returns its size.
size_t CrossOver(const uint8_t *Data1, size_t Size1, const uint8_t *Data2,
size_t Size2, uint8_t *Out, size_t MaxOutSize);
void AddWordToManualDictionary(const Unit &Word);
void AddWordToAutoDictionary(const Unit &Word, size_t PositionHint);
void ClearAutoDictionary();
void PrintRecommendedDictionary();
void SetCorpus(const std::vector<Unit> *Corpus);
private:
FuzzerRandomBase &Rand;
struct Impl;
Impl *MDImpl;
};
// For backward compatibility only, deprecated.
static inline size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize,
FuzzerRandomBase &Rand) {
MutationDispatcher MD(Rand);
return MD.Mutate(Data, Size, MaxSize);
}
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize,
FuzzerRandomBase &Rand);
class MutationDispatcher;
/** An abstract class that allows to use user-supplied mutators with libFuzzer.
@ -164,31 +102,24 @@ class UserSuppliedFuzzer {
UserSuppliedFuzzer(FuzzerRandomBase *Rand);
/// Executes the target function on 'Size' bytes of 'Data'.
virtual int TargetFunction(const uint8_t *Data, size_t Size) = 0;
virtual void SetCorpus(const std::vector<Unit> *Corpus) {
MD.SetCorpus(Corpus);
}
/// Mutates 'Size' bytes of data in 'Data' inplace into up to 'MaxSize' bytes,
/// returns the new size of the data, which should be positive.
virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) {
return MD.Mutate(Data, Size, MaxSize);
}
virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize);
/// Crosses 'Data1' and 'Data2', writes up to 'MaxOutSize' bytes into Out,
/// returns the number of bytes written, which should be positive.
virtual size_t CrossOver(const uint8_t *Data1, size_t Size1,
const uint8_t *Data2, size_t Size2,
uint8_t *Out, size_t MaxOutSize) {
return MD.CrossOver(Data1, Size1, Data2, Size2, Out, MaxOutSize);
}
uint8_t *Out, size_t MaxOutSize);
virtual ~UserSuppliedFuzzer();
FuzzerRandomBase &GetRand() { return *Rand; }
MutationDispatcher &GetMD() { return MD; }
MutationDispatcher &GetMD() { return *MD; }
private:
bool OwnRand = false;
FuzzerRandomBase *Rand;
MutationDispatcher MD;
MutationDispatcher *MD;
};
/// Runs the fuzzing with the UserSuppliedFuzzer.

61
lib/Fuzzer/FuzzerInternal.h
View File

@ -70,6 +70,67 @@ bool ParseOneDictionaryEntry(const std::string &Str, Unit *U);
// were parsed succesfully.
bool ParseDictionaryFile(const std::string &Text, std::vector<Unit> *Units);
class MutationDispatcher {
public:
MutationDispatcher(FuzzerRandomBase &Rand);
~MutationDispatcher();
/// Indicate that we are about to start a new sequence of mutations.
void StartMutationSequence();
/// Print the current sequence of mutations.
void PrintMutationSequence();
/// Indicate that the current sequence of mutations was successfull.
void RecordSuccessfulMutationSequence();
/// Mutates data by shuffling bytes.
size_t Mutate_ShuffleBytes(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by erasing a byte.
size_t Mutate_EraseByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by inserting a byte.
size_t Mutate_InsertByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by chanding one byte.
size_t Mutate_ChangeByte(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by chanding one bit.
size_t Mutate_ChangeBit(uint8_t *Data, size_t Size, size_t MaxSize);
/// Mutates data by adding a word from the manual dictionary.
size_t Mutate_AddWordFromManualDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Mutates data by adding a word from the temporary automatic dictionary.
size_t Mutate_AddWordFromTemporaryAutoDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Mutates data by adding a word from the persistent automatic dictionary.
size_t Mutate_AddWordFromPersistentAutoDictionary(uint8_t *Data, size_t Size,
size_t MaxSize);
/// Tries to find an ASCII integer in Data, changes it to another ASCII int.
size_t Mutate_ChangeASCIIInteger(uint8_t *Data, size_t Size, size_t MaxSize);
/// CrossOver Data with some other element of the corpus.
size_t Mutate_CrossOver(uint8_t *Data, size_t Size, size_t MaxSize);
/// Applies one of the above mutations.
/// Returns the new size of data which could be up to MaxSize.
size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize);
/// Creates a cross-over of two pieces of Data, returns its size.
size_t CrossOver(const uint8_t *Data1, size_t Size1, const uint8_t *Data2,
size_t Size2, uint8_t *Out, size_t MaxOutSize);
void AddWordToManualDictionary(const Unit &Word);
void AddWordToAutoDictionary(const Unit &Word, size_t PositionHint);
void ClearAutoDictionary();
void PrintRecommendedDictionary();
void SetCorpus(const std::vector<Unit> *Corpus);
private:
FuzzerRandomBase &Rand;
struct Impl;
Impl *MDImpl;
};
class Fuzzer {
public:
struct FuzzingOptions {

2
lib/Fuzzer/FuzzerLoop.cpp
View File

@ -478,7 +478,7 @@ void Fuzzer::Drill() {
void Fuzzer::Loop() {
system_clock::time_point LastCorpusReload = system_clock::now();
if (Options.DoCrossOver)
USF.SetCorpus(&Corpus);
USF.GetMD().SetCorpus(&Corpus);
while (true) {
SyncCorpus();
auto Now = system_clock::now();