/src/fuzz-headers/lang/c/ada_fuzz_header.h

Source (jump to first uncovered line)
/*
 * Copyright (c) 2021, Ada Logics Ltd. 
 * All rights reserverd. 
 * 
*/

// Simple garbage collector 
#define GB_SIZE 100

void *pointer_arr[GB_SIZE];
static int pointer_idx = 0;

// If the garbage collector is used then this must be called as first thing
// during a fuzz run.
void af_gb_init() {
  pointer_idx = 0;

   for (int i = 0; i < GB_SIZE; i++) {
     pointer_arr[i] = NULL;
   }
}

void af_gb_cleanup() {
  for(int i = 0; i < GB_SIZE; i++) {
    if (pointer_arr[i] != NULL) {
      free(pointer_arr[i]);
    }
  }
}

char *af_get_null_terminated(const uint8_t **data, size_t *size) {
#define STR_SIZE 75
  if (*size < STR_SIZE || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(STR_SIZE + 1);
  memcpy(new_s, *data, STR_SIZE);
  new_s[STR_SIZE] = '\0';

  *data = *data+STR_SIZE;
  *size -= STR_SIZE;
  return new_s;
}

char *af_gb_get_random_data(const uint8_t **data, size_t *size, size_t to_get) {
  if (*size < to_get || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(to_get);
  memcpy(new_s, *data, to_get);

  pointer_arr[pointer_idx++] = (void*)new_s;
  
  *data = *data + to_get;
  *size -= to_get;

  return new_s;
}

char *af_gb_get_null_terminated(const uint8_t **data, size_t *size) {

  char *nstr = af_get_null_terminated(data, size);
  if (nstr == NULL) {
    return NULL;
  }
  pointer_arr[pointer_idx++] = (void*)nstr;
  return nstr;
}

char *af_gb_alloc_data(size_t len) {
  char *ptr = calloc(1, len);
  pointer_arr[pointer_idx++] = (void*)ptr;
  
  return ptr;
}

char *af_gb_get_fixed_string() {
  char *ptr = malloc(2);
  ptr[0] = 'A';
  ptr[1] = '\0';
  pointer_arr[pointer_idx++] = (void*)ptr;

  return ptr;
}

short af_get_short(const uint8_t **data, size_t *size) {
  if (*size <= 0) return 0;
  short c = (short)(*data)[0];
  *data += 1;
  *size-=1;
  return c;
}

int af_get_int(const uint8_t **data, size_t *size) {
  if (*size <= 4) return 0;
  const uint8_t *ptr = *data;
  int val = *((int*)ptr);
  *data += 4;
  *size -= 4;
  return val;
}


// end simple garbage collector.


/* A-style */
const uint8_t *a_origin_data;
size_t a_size;

void af_safe_gb_init(const uint8_t *data, size_t size) {
  af_gb_init();
  a_origin_data = data;
  a_size = size;
}

int ada_safe_get_int() {
  return af_get_int(&a_origin_data, &a_size);
}

char *ada_safe_get_char_p() {
  char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
  if (tmps != NULL) {
    return tmps;
  }
  return af_gb_get_fixed_string();
}

char *filename2 = NULL;

char *af_safe_write_random_file() {
  char *filename = malloc(10);
  filename[0] = '/';
  filename[1] = 't';
  filename[2] = 'm';
  filename[3] = 'p';
  filename[4] = '/';
  filename[5] = '1';
  filename[6] = '2';
  filename[7] = '.';
  filename[8] = 'a';
  filename[9] = '\0';
  filename2 = filename;

  FILE *fp = fopen(filename, "wb");
  char *content = ada_safe_get_char_p();
  fwrite(content, strlen(content), 1, fp);
  fclose(fp);

  return filename;
}

void af_safe_gb_cleanup() {
  af_gb_cleanup();

  if (filename2 != NULL) {
    unlink(filename2);
    free(filename2);
    filename2 = NULL;
  }
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright (c) 2021, Ada Logics Ltd.
3		* All rights reserverd.
4		*
5		*/
6
7		// Simple garbage collector
8	636k	#define GB_SIZE 100
9
10		void *pointer_arr[GB_SIZE];
11		static int pointer_idx = 0;
12
13		// If the garbage collector is used then this must be called as first thing
14		// during a fuzz run.
15	3.15k	void af_gb_init() {
16	3.15k	pointer_idx = 0;
17
18	318k	for (int i = 0; i < GB_SIZE; i++) {
19	315k	pointer_arr[i] = NULL;
20	315k	}
21	3.15k	}
22
23	3.15k	void af_gb_cleanup() {
24	318k	for(int i = 0; i < GB_SIZE; i++) {
25	315k	if (pointer_arr[i] != NULL) {
26	9.64k	free(pointer_arr[i]);
27	9.64k	}
28	315k	}
29	3.15k	}
30
31	17.8k	char af_get_null_terminated(const uint8_t data, size_t size) {
32	83.8k	#define STR_SIZE 75
33	17.8k	if (size < STR_SIZE \|\| (int)size < 0) {
34	8.19k	return NULL;
35	8.19k	}
36
37	9.64k	char *new_s = malloc(STR_SIZE + 1);
38	9.64k	memcpy(new_s, *data, STR_SIZE);
39	9.64k	new_s[STR_SIZE] = '\0';
40
41	9.64k	data = data+STR_SIZE;
42	9.64k	*size -= STR_SIZE;
43	9.64k	return new_s;
44	17.8k	}
45
46	0	char af_gb_get_random_data(const uint8_t data, size_t size, size_t to_get) {
47	0	if (size < to_get \|\| (int)size < 0) {
48	0	return NULL;
49	0	}
50
51	0	char *new_s = malloc(to_get);
52	0	memcpy(new_s, *data, to_get);
53
54	0	pointer_arr[pointer_idx++] = (void*)new_s;
55
56	0	data = data + to_get;
57	0	*size -= to_get;
58
59	0	return new_s;
60	0	}
61
62	17.8k	char af_gb_get_null_terminated(const uint8_t data, size_t size) {
63
64	17.8k	char *nstr = af_get_null_terminated(data, size);
65	17.8k	if (nstr == NULL) {
66	8.19k	return NULL;
67	8.19k	}
68	9.64k	pointer_arr[pointer_idx++] = (void*)nstr;
69	9.64k	return nstr;
70	17.8k	}
71
72	0	char *af_gb_alloc_data(size_t len) {
73	0	char *ptr = calloc(1, len);
74	0	pointer_arr[pointer_idx++] = (void*)ptr;
75
76	0	return ptr;
77	0	}
78
79	0	char *af_gb_get_fixed_string() {
80	0	char *ptr = malloc(2);
81	0	ptr[0] = 'A';
82	0	ptr[1] = '\0';
83	0	pointer_arr[pointer_idx++] = (void*)ptr;
84
85	0	return ptr;
86	0	}
87
88	3.91k	short af_get_short(const uint8_t *data, size_t size) {
89	3.91k	if (*size <= 0) return 0;
90	873	short c = (short)(*data)[0];
91	873	*data += 1;
92	873	*size-=1;
93	873	return c;
94	3.91k	}
95
96	0	int af_get_int(const uint8_t *data, size_t size) {
97	0	if (*size <= 4) return 0;
98	0	const uint8_t ptr = data;
99	0	int val = ((int)ptr);
100	0	*data += 4;
101	0	*size -= 4;
102	0	return val;
103	0	}
104
105
106		// end simple garbage collector.
107
108
109		/* A-style */
110		const uint8_t *a_origin_data;
111		size_t a_size;
112
113	0	void af_safe_gb_init(const uint8_t *data, size_t size) {
114	0	af_gb_init();
115	0	a_origin_data = data;
116	0	a_size = size;
117	0	}
118
119	0	int ada_safe_get_int() {
120	0	return af_get_int(&a_origin_data, &a_size);
121	0	}
122
123	0	char *ada_safe_get_char_p() {
124	0	char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
125	0	if (tmps != NULL) {
126	0	return tmps;
127	0	}
128	0	return af_gb_get_fixed_string();
129	0	}
130
131		char *filename2 = NULL;
132
133	0	char *af_safe_write_random_file() {
134	0	char *filename = malloc(10);
135	0	filename[0] = '/';
136	0	filename[1] = 't';
137	0	filename[2] = 'm';
138	0	filename[3] = 'p';
139	0	filename[4] = '/';
140	0	filename[5] = '1';
141	0	filename[6] = '2';
142	0	filename[7] = '.';
143	0	filename[8] = 'a';
144	0	filename[9] = '\0';
145	0	filename2 = filename;
146
147	0	FILE *fp = fopen(filename, "wb");
148	0	char *content = ada_safe_get_char_p();
149	0	fwrite(content, strlen(content), 1, fp);
150	0	fclose(fp);
151
152	0	return filename;
153	0	}
154
155	0	void af_safe_gb_cleanup() {
156	0	af_gb_cleanup();
157
158	0	if (filename2 != NULL) {
159	0	unlink(filename2);
160	0	free(filename2);
161	0	filename2 = NULL;
162	0	}
163	0	}

Coverage Report

Created: 2023-03-26 06:28