| author | Matt Morehouse <mascasa@google.com> | 2019-01-07 16:14:00 +0000 |
|---|---|---|
| committer | Matt Morehouse <mascasa@google.com> | 2019-01-07 16:14:00 +0000 |
| commit | 4d7e47a5451d8debd575fdc1594f85bc869b4a2e (patch) | |
| tree | 2792e85ceb7b6596060374e759718cfb03ca91c8 /llvm/tools/llvm-itanium-demangle-fuzzer | |
| parent | 47f92d3270f97598b6bbd47d44eea780e04afbcf (diff) | |
[llvm-demangle-fuzzer] Also fuzz microsoftDemangle().
Summary:
Use first byte of input to determine whether to call itaniumDemangle()
or microsoftDemangle().
Addresses https://bugs.llvm.org/show_bug.cgi?id=39582.
Reviewers: kcc, thakis
Reviewed By: kcc, thakis
Subscribers: mgorny, thakis, erik.pilkington, llvm-commits
Differential Revision: https://reviews.llvm.org/D54780
llvm-svn: 350534
Diffstat (limited to 'llvm/tools/llvm-itanium-demangle-fuzzer')
3 files changed, 53 insertions, 0 deletions
diff --git a/llvm/tools/llvm-itanium-demangle-fuzzer/CMakeLists.txt b/llvm/tools/llvm-itanium-demangle-fuzzer/CMakeLists.txt new file mode 100644 index 00000000000..07f02a35b20 --- /dev/null +++ b/llvm/tools/llvm-itanium-demangle-fuzzer/CMakeLists.txt @@ -0,0 +1,10 @@ +set(LLVM_LINK_COMPONENTS + Demangle + FuzzMutate + Support +) + +add_llvm_fuzzer(llvm-itanium-demangle-fuzzer + llvm-itanium-demangle-fuzzer.cpp + DUMMY_MAIN DummyDemanglerFuzzer.cpp + ) diff --git a/llvm/tools/llvm-itanium-demangle-fuzzer/DummyDemanglerFuzzer.cpp b/llvm/tools/llvm-itanium-demangle-fuzzer/DummyDemanglerFuzzer.cpp new file mode 100644 index 00000000000..a2bf9f1b807 --- /dev/null +++ b/llvm/tools/llvm-itanium-demangle-fuzzer/DummyDemanglerFuzzer.cpp @@ -0,0 +1,19 @@ +//===--- DummyDemanglerMain.cpp - Entry point to sanity check the fuzzer --===// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// +// +// Implementation of main so we can build and test without linking libFuzzer. +// +//===----------------------------------------------------------------------===// + +#include "llvm/FuzzMutate/FuzzerCLI.h" + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); +int main(int argc, char *argv[]) { + return llvm::runFuzzerOnInputs(argc, argv, LLVMFuzzerTestOneInput); +} diff --git a/llvm/tools/llvm-itanium-demangle-fuzzer/llvm-itanium-demangle-fuzzer.cpp b/llvm/tools/llvm-itanium-demangle-fuzzer/llvm-itanium-demangle-fuzzer.cpp new file mode 100644 index 00000000000..07c290a0be5 --- /dev/null +++ b/llvm/tools/llvm-itanium-demangle-fuzzer/llvm-itanium-demangle-fuzzer.cpp 
@@ -0,0 +1,24 @@ +//===--- llvm-demangle-fuzzer.cpp - Fuzzer for the Itanium Demangler ------===// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +#include "llvm/Demangle/Demangle.h" + +#include <cstdint> +#include <cstdlib> +#include <string> + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + std::string NullTerminatedString((const char *)Data, Size); + int status = 0; + if (char *demangle = llvm::itaniumDemangle(NullTerminatedString.c_str(), nullptr, + nullptr, &status)) + free(demangle); + + return 0; +} |
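Review bot: In DummyDemanglerFuzzer.cpp the banner comment on the first line names `DummyDemanglerMain.cpp`, which does not match the file being added; change it to `DummyDemanglerFuzzer.cpp` so that a search for the file name finds its header. The `extern "C"` declaration of `LLVMFuzzerTestOneInput` also uses `uint8_t` and `size_t` while the only include is `llvm/FuzzMutate/FuzzerCLI.h`; including `<cstdint>` and `<cstddef>` directly would stop the file depending on what that header happens to pull in.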
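Review bot: In llvm-itanium-demangle-fuzzer.cpp, `LLVMFuzzerTestOneInput` calls only `llvm::itaniumDemangle(...)`, with no dispatch on the first input byte and no call to `microsoftDemangle()`, although the commit summary describes both; if this directory is meant to keep the Itanium-only harness, the message should say so, otherwise the dispatch is missing here. Two smaller points in the same function: `NullTerminatedString.c_str()` ends at the first embedded NUL in `Data`, so bytes after it never reach the demangler and the fuzzer spends mutations on input that is ignored, and `status` is written by the call but never read, so either drop it (pass `nullptr`) or check it against the returned pointer. The banner comment also says `llvm-demangle-fuzzer.cpp` rather than this file's name.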

