/src/fuzz-headers/lang/c/ada_fuzz_header.h

Source (jump to first uncovered line)
/*
 * Copyright (c) 2021, Ada Logics Ltd. 
 * All rights reserverd. 
 * 
*/

#include <unistd.h>

// Simple garbage collector 
#define GB_SIZE 100

void *pointer_arr[GB_SIZE];
static int pointer_idx = 0;

// If the garbage collector is used then this must be called as first thing
// during a fuzz run.
void af_gb_init() {
  pointer_idx = 0;

   for (int i = 0; i < GB_SIZE; i++) {
     pointer_arr[i] = NULL;
   }
}

void af_gb_cleanup() {
  for(int i = 0; i < GB_SIZE; i++) {
    if (pointer_arr[i] != NULL) {
      free(pointer_arr[i]);
    }
  }
}

char *af_get_null_terminated(const uint8_t **data, size_t *size) {
#define STR_SIZE 75
  if (*size < STR_SIZE || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(STR_SIZE + 1);
  memcpy(new_s, *data, STR_SIZE);
  new_s[STR_SIZE] = '\0';

  *data = *data+STR_SIZE;
  *size -= STR_SIZE;
  return new_s;
}

char *af_gb_get_random_data(const uint8_t **data, size_t *size, size_t to_get) {
  if (*size < to_get || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(to_get);
  memcpy(new_s, *data, to_get);

  pointer_arr[pointer_idx++] = (void*)new_s;
  
  *data = *data + to_get;
  *size -= to_get;

  return new_s;
}

char *af_gb_get_null_terminated(const uint8_t **data, size_t *size) {

  char *nstr = af_get_null_terminated(data, size);
  if (nstr == NULL) {
    return NULL;
  }
  pointer_arr[pointer_idx++] = (void*)nstr;
  return nstr;
}

char *af_gb_alloc_data(size_t len) {
  char *ptr = calloc(1, len);
  pointer_arr[pointer_idx++] = (void*)ptr;
  
  return ptr;
}

char *af_gb_get_fixed_string() {
  char *ptr = malloc(2);
  ptr[0] = 'A';
  ptr[1] = '\0';
  pointer_arr[pointer_idx++] = (void*)ptr;

  return ptr;
}

short af_get_short(const uint8_t **data, size_t *size) {
  if (*size <= 0) return 0;
  short c = (short)(*data)[0];
  *data += 1;
  *size-=1;
  return c;
}

int af_get_int(const uint8_t **data, size_t *size) {
  if (*size <= 4) return 0;
  const uint8_t *ptr = *data;
  int val = *((int*)ptr);
  *data += 4;
  *size -= 4;
  return val;
}


// end simple garbage collector.


/* A-style */
const uint8_t *a_origin_data;
size_t a_size;

void af_safe_gb_init(const uint8_t *data, size_t size) {
  af_gb_init();
  a_origin_data = data;
  a_size = size;
}

int ada_safe_get_int() {
  return af_get_int(&a_origin_data, &a_size);
}

char *ada_safe_get_char_p() {
  char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
  if (tmps != NULL) {
    return tmps;
  }
  return af_gb_get_fixed_string();
}

char *filename2 = NULL;

char *af_safe_write_random_file() {
  char *filename = malloc(10);
  filename[0] = '/';
  filename[1] = 't';
  filename[2] = 'm';
  filename[3] = 'p';
  filename[4] = '/';
  filename[5] = '1';
  filename[6] = '2';
  filename[7] = '.';
  filename[8] = 'a';
  filename[9] = '\0';
  filename2 = filename;

  FILE *fp = fopen(filename, "wb");
  char *content = ada_safe_get_char_p();
  fwrite(content, strlen(content), 1, fp);
  fclose(fp);

  return filename;
}

void af_safe_gb_cleanup() {
  af_gb_cleanup();

  if (filename2 != NULL) {
    unlink(filename2);
    free(filename2);
    filename2 = NULL;
  }
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright (c) 2021, Ada Logics Ltd.
3		* All rights reserverd.
4		*
5		*/
6
7		#include <unistd.h>
8
9		// Simple garbage collector
10	605k	#define GB_SIZE 100
11
12		void *pointer_arr[GB_SIZE];
13		static int pointer_idx = 0;
14
15		// If the garbage collector is used then this must be called as first thing
16		// during a fuzz run.
17	2.99k	void af_gb_init() {
18	2.99k	pointer_idx = 0;
19
20	302k	for (int i = 0; i < GB_SIZE; i++) {
21	299k	pointer_arr[i] = NULL;
22	299k	}
23	2.99k	}
24
25	2.99k	void af_gb_cleanup() {
26	302k	for(int i = 0; i < GB_SIZE; i++) {
27	299k	if (pointer_arr[i] != NULL) {
28	8.87k	free(pointer_arr[i]);
29	8.87k	}
30	299k	}
31	2.99k	}
32
33	16.9k	char af_get_null_terminated(const uint8_t data, size_t size) {
34	78.3k	#define STR_SIZE 75
35	16.9k	if (size < STR_SIZE \|\| (int)size < 0) {
36	8.11k	return NULL;
37	8.11k	}
38
39	8.87k	char *new_s = malloc(STR_SIZE + 1);
40	8.87k	memcpy(new_s, *data, STR_SIZE);
41	8.87k	new_s[STR_SIZE] = '\0';
42
43	8.87k	data = data+STR_SIZE;
44	8.87k	*size -= STR_SIZE;
45	8.87k	return new_s;
46	16.9k	}
47
48	0	char af_gb_get_random_data(const uint8_t data, size_t size, size_t to_get) {
49	0	if (size < to_get \|\| (int)size < 0) {
50	0	return NULL;
51	0	}
52
53	0	char *new_s = malloc(to_get);
54	0	memcpy(new_s, *data, to_get);
55
56	0	pointer_arr[pointer_idx++] = (void*)new_s;
57
58	0	data = data + to_get;
59	0	*size -= to_get;
60
61	0	return new_s;
62	0	}
63
64	16.9k	char af_gb_get_null_terminated(const uint8_t data, size_t size) {
65
66	16.9k	char *nstr = af_get_null_terminated(data, size);
67	16.9k	if (nstr == NULL) {
68	8.11k	return NULL;
69	8.11k	}
70	8.87k	pointer_arr[pointer_idx++] = (void*)nstr;
71	8.87k	return nstr;
72	16.9k	}
73
74	0	char *af_gb_alloc_data(size_t len) {
75	0	char *ptr = calloc(1, len);
76	0	pointer_arr[pointer_idx++] = (void*)ptr;
77
78	0	return ptr;
79	0	}
80
81	0	char *af_gb_get_fixed_string() {
82	0	char *ptr = malloc(2);
83	0	ptr[0] = 'A';
84	0	ptr[1] = '\0';
85	0	pointer_arr[pointer_idx++] = (void*)ptr;
86
87	0	return ptr;
88	0	}
89
90	3.48k	short af_get_short(const uint8_t *data, size_t size) {
91	3.48k	if (*size <= 0) return 0;
92	758	short c = (short)(*data)[0];
93	758	*data += 1;
94	758	*size-=1;
95	758	return c;
96	3.48k	}
97
98	0	int af_get_int(const uint8_t *data, size_t size) {
99	0	if (*size <= 4) return 0;
100	0	const uint8_t ptr = data;
101	0	int val = ((int)ptr);
102	0	*data += 4;
103	0	*size -= 4;
104	0	return val;
105	0	}
106
107
108		// end simple garbage collector.
109
110
111		/* A-style */
112		const uint8_t *a_origin_data;
113		size_t a_size;
114
115	0	void af_safe_gb_init(const uint8_t *data, size_t size) {
116	0	af_gb_init();
117	0	a_origin_data = data;
118	0	a_size = size;
119	0	}
120
121	0	int ada_safe_get_int() {
122	0	return af_get_int(&a_origin_data, &a_size);
123	0	}
124
125	0	char *ada_safe_get_char_p() {
126	0	char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
127	0	if (tmps != NULL) {
128	0	return tmps;
129	0	}
130	0	return af_gb_get_fixed_string();
131	0	}
132
133		char *filename2 = NULL;
134
135	0	char *af_safe_write_random_file() {
136	0	char *filename = malloc(10);
137	0	filename[0] = '/';
138	0	filename[1] = 't';
139	0	filename[2] = 'm';
140	0	filename[3] = 'p';
141	0	filename[4] = '/';
142	0	filename[5] = '1';
143	0	filename[6] = '2';
144	0	filename[7] = '.';
145	0	filename[8] = 'a';
146	0	filename[9] = '\0';
147	0	filename2 = filename;
148
149	0	FILE *fp = fopen(filename, "wb");
150	0	char *content = ada_safe_get_char_p();
151	0	fwrite(content, strlen(content), 1, fp);
152	0	fclose(fp);
153
154	0	return filename;
155	0	}
156
157	0	void af_safe_gb_cleanup() {
158	0	af_gb_cleanup();
159
160	0	if (filename2 != NULL) {
161	0	unlink(filename2);
162	0	free(filename2);
163	0	filename2 = NULL;
164	0	}
165	0	}

Coverage Report

Created: 2025-07-11 06:40