/src/binutils-gdb/fuzz/fuzz_bfd.c

Source (jump to first uncovered line)
/* Copyright 2020 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

#include "sysdep.h"
#include "bfd.h"

#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

static int bufferToFile(char * name, const uint8_t *Data, size_t Size) {
    int fd = mkstemp(name);
    if (fd < 0) {
        printf("failed mkstemp, errno=%d\n", errno);
        return -2;
    }
    if (write (fd, Data, Size) != Size) {
        printf("failed write, errno=%d\n", errno);
        close(fd);
        return -3;
    }
    close(fd);
    return 0;
}

//TODO? part of fuzzing
char *target = NULL;

int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
    char tmpfilename[32];

    if (bfd_init() != BFD_INIT_MAGIC)
      abort();

    strncpy(tmpfilename, "/tmp/fuzz.bfd-XXXXXX", 31);
    if (bufferToFile(tmpfilename, Data, Size) < 0) {
        return 0;
    }
    bfd *file = bfd_openr (tmpfilename, target);
    if (file == NULL)
    {
        remove(tmpfilename);
        return 0;
    }
    bfd_check_format (file, bfd_archive);
    //TODO loop over subfiles and more processing
    bfd_close (file);
    remove(tmpfilename);

    return 0;
}

Line	Count	Source (jump to first uncovered line)
1		/* Copyright 2020 Google Inc.
2
3		Licensed under the Apache License, Version 2.0 (the "License");
4		you may not use this file except in compliance with the License.
5		You may obtain a copy of the License at
6
7		http://www.apache.org/licenses/LICENSE-2.0
8
9		Unless required by applicable law or agreed to in writing, software
10		distributed under the License is distributed on an "AS IS" BASIS,
11		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		See the License for the specific language governing permissions and
13		limitations under the License.
14		*/
15
16		#include "sysdep.h"
17		#include "bfd.h"
18
19		#include <stdint.h>
20		#include <stdio.h>
21		#include <unistd.h>
22
23	27.0k	static int bufferToFile(char * name, const uint8_t *Data, size_t Size) {
24	27.0k	int fd = mkstemp(name);
25	27.0k	if (fd < 0) {
26	0	printf("failed mkstemp, errno=%d\n", errno);
27	0	return -2;
28	0	}
29	27.0k	if (write (fd, Data, Size) != Size) {
30	0	printf("failed write, errno=%d\n", errno);
31	0	close(fd);
32	0	return -3;
33	0	}
34	27.0k	close(fd);
35	27.0k	return 0;
36	27.0k	}
37
38		//TODO? part of fuzzing
39		char *target = NULL;
40
41	27.0k	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
42	27.0k	char tmpfilename[32];
43
44	27.0k	if (bfd_init() != BFD_INIT_MAGIC)
45	0	abort();
46
47	27.0k	strncpy(tmpfilename, "/tmp/fuzz.bfd-XXXXXX", 31);
48	27.0k	if (bufferToFile(tmpfilename, Data, Size) < 0) {
49	0	return 0;
50	0	}
51	27.0k	bfd *file = bfd_openr (tmpfilename, target);
52	27.0k	if (file == NULL)
53	0	{
54	0	remove(tmpfilename);
55	0	return 0;
56	0	}
57	27.0k	bfd_check_format (file, bfd_archive);
58		//TODO loop over subfiles and more processing
59	27.0k	bfd_close (file);
60	27.0k	remove(tmpfilename);
61
62	27.0k	return 0;
63	27.0k	}

Coverage Report

Created: 2025-06-24 06:45