diff options
| author | George Karpenkov <ekarpenkov@apple.com> | 2017-08-21 23:25:50 +0000 |
|---|---|---|
| committer | George Karpenkov <ekarpenkov@apple.com> | 2017-08-21 23:25:50 +0000 |
| commit | 10ab2ace1359fd96cd662ad235797e29f9ba3daa (patch) | |
| tree | c5d47c489b54be9c936b8c27a6c89baad3294d61 /compiler-rt/test/fuzzer/CallerCalleeTest.cpp | |
| parent | 9f6f74c2c5ef8bb1e9fa9b0f2c7c3e31d69e62ac (diff) | |
| download | bcm5719-llvm-10ab2ace1359fd96cd662ad235797e29f9ba3daa.tar.gz bcm5719-llvm-10ab2ace1359fd96cd662ad235797e29f9ba3daa.zip | |
Move libFuzzer to compiler_rt.
Resulting library binaries will be named libclang_rt.fuzzer*, and will
be placed in Clang toolchain, allowing redistribution.
Differential Revision: https://reviews.llvm.org/D36908
llvm-svn: 311407
Diffstat (limited to 'compiler-rt/test/fuzzer/CallerCalleeTest.cpp')
| -rw-r--r-- | compiler-rt/test/fuzzer/CallerCalleeTest.cpp | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/compiler-rt/test/fuzzer/CallerCalleeTest.cpp b/compiler-rt/test/fuzzer/CallerCalleeTest.cpp new file mode 100644 index 00000000000..ed9f37cc152 --- /dev/null +++ b/compiler-rt/test/fuzzer/CallerCalleeTest.cpp @@ -0,0 +1,59 @@ +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. + +// Simple test for a fuzzer. +// Try to find the target using the indirect caller-callee pairs. +#include <cstddef> +#include <cstdint> +#include <cstdlib> +#include <cstring> +#include <iostream> + +typedef void (*F)(); +static F t[256]; + +void f34() { + std::cerr << "BINGO\n"; + exit(1); +} +void f23() { t[(unsigned)'d'] = f34;} +void f12() { t[(unsigned)'c'] = f23;} +void f01() { t[(unsigned)'b'] = f12;} +void f00() {} + +static F t0[256] = { + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, + f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, +}; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + if (Size < 4) return 0; + // Spoof the counters. + for (int i = 0; i < 200; i++) { + f23(); + f12(); + f01(); + } + memcpy(t, t0, sizeof(t)); + t[(unsigned)'a'] = f01; + t[Data[0]](); + t[Data[1]](); + t[Data[2]](); + t[Data[3]](); + return 0; +} + |
