Coverage Report

Created: 2023-03-26 06:28

/src/fuzz-headers/lang/c/ada_fuzz_header.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2021, Ada Logics Ltd. 
3
 * All rights reserverd. 
4
 * 
5
*/
6
7
// Simple garbage collector 
8
636k
#define GB_SIZE 100
9
10
void *pointer_arr[GB_SIZE];
11
static int pointer_idx = 0;
12
13
// If the garbage collector is used then this must be called as first thing
14
// during a fuzz run.
15
3.15k
void af_gb_init() {
16
3.15k
  pointer_idx = 0;
17
18
318k
   for (int i = 0; i < GB_SIZE; i++) {
19
315k
     pointer_arr[i] = NULL;
20
315k
   }
21
3.15k
}
22
23
3.15k
void af_gb_cleanup() {
24
318k
  for(int i = 0; i < GB_SIZE; i++) {
25
315k
    if (pointer_arr[i] != NULL) {
26
9.64k
      free(pointer_arr[i]);
27
9.64k
    }
28
315k
  }
29
3.15k
}
30
31
17.8k
char *af_get_null_terminated(const uint8_t **data, size_t *size) {
32
83.8k
#define STR_SIZE 75
33
17.8k
  if (*size < STR_SIZE || (int)*size < 0) {
34
8.19k
    return NULL;
35
8.19k
  }
36
37
9.64k
  char *new_s = malloc(STR_SIZE + 1);
38
9.64k
  memcpy(new_s, *data, STR_SIZE);
39
9.64k
  new_s[STR_SIZE] = '\0';
40
41
9.64k
  *data = *data+STR_SIZE;
42
9.64k
  *size -= STR_SIZE;
43
9.64k
  return new_s;
44
17.8k
}
45
46
0
char *af_gb_get_random_data(const uint8_t **data, size_t *size, size_t to_get) {
47
0
  if (*size < to_get || (int)*size < 0) {
48
0
    return NULL;
49
0
  }
50
51
0
  char *new_s = malloc(to_get);
52
0
  memcpy(new_s, *data, to_get);
53
54
0
  pointer_arr[pointer_idx++] = (void*)new_s;
55
  
56
0
  *data = *data + to_get;
57
0
  *size -= to_get;
58
59
0
  return new_s;
60
0
}
61
62
17.8k
char *af_gb_get_null_terminated(const uint8_t **data, size_t *size) {
63
64
17.8k
  char *nstr = af_get_null_terminated(data, size);
65
17.8k
  if (nstr == NULL) {
66
8.19k
    return NULL;
67
8.19k
  }
68
9.64k
  pointer_arr[pointer_idx++] = (void*)nstr;
69
9.64k
  return nstr;
70
17.8k
}
71
72
0
char *af_gb_alloc_data(size_t len) {
73
0
  char *ptr = calloc(1, len);
74
0
  pointer_arr[pointer_idx++] = (void*)ptr;
75
  
76
0
  return ptr;
77
0
}
78
79
0
char *af_gb_get_fixed_string() {
80
0
  char *ptr = malloc(2);
81
0
  ptr[0] = 'A';
82
0
  ptr[1] = '\0';
83
0
  pointer_arr[pointer_idx++] = (void*)ptr;
84
85
0
  return ptr;
86
0
}
87
88
3.91k
short af_get_short(const uint8_t **data, size_t *size) {
89
3.91k
  if (*size <= 0) return 0;
90
873
  short c = (short)(*data)[0];
91
873
  *data += 1;
92
873
  *size-=1;
93
873
  return c;
94
3.91k
}
95
96
0
int af_get_int(const uint8_t **data, size_t *size) {
97
0
  if (*size <= 4) return 0;
98
0
  const uint8_t *ptr = *data;
99
0
  int val = *((int*)ptr);
100
0
  *data += 4;
101
0
  *size -= 4;
102
0
  return val;
103
0
}
104
105
106
// end simple garbage collector.
107
108
109
/* A-style */
110
const uint8_t *a_origin_data;
111
size_t a_size;
112
113
0
void af_safe_gb_init(const uint8_t *data, size_t size) {
114
0
  af_gb_init();
115
0
  a_origin_data = data;
116
0
  a_size = size;
117
0
}
118
119
0
int ada_safe_get_int() {
120
0
  return af_get_int(&a_origin_data, &a_size);
121
0
}
122
123
0
char *ada_safe_get_char_p() {
124
0
  char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
125
0
  if (tmps != NULL) {
126
0
    return tmps;
127
0
  }
128
0
  return af_gb_get_fixed_string();
129
0
}
130
131
char *filename2 = NULL;
132
133
0
char *af_safe_write_random_file() {
134
0
  char *filename = malloc(10);
135
0
  filename[0] = '/';
136
0
  filename[1] = 't';
137
0
  filename[2] = 'm';
138
0
  filename[3] = 'p';
139
0
  filename[4] = '/';
140
0
  filename[5] = '1';
141
0
  filename[6] = '2';
142
0
  filename[7] = '.';
143
0
  filename[8] = 'a';
144
0
  filename[9] = '\0';
145
0
  filename2 = filename;
146
147
0
  FILE *fp = fopen(filename, "wb");
148
0
  char *content = ada_safe_get_char_p();
149
0
  fwrite(content, strlen(content), 1, fp);
150
0
  fclose(fp);
151
152
0
  return filename;
153
0
}
154
155
0
void af_safe_gb_cleanup() {
156
0
  af_gb_cleanup();
157
158
0
  if (filename2 != NULL) {
159
0
    unlink(filename2);
160
0
    free(filename2);
161
0
    filename2 = NULL;
162
0
  }
163
0
}