/src/fmt/test/fuzzing/fuzzer-common.h
Line | Count | Source |
1 | | // Copyright (c) 2019, Paul Dreik |
2 | | // For the license information refer to format.h. |
3 | | |
4 | | #ifndef FUZZER_COMMON_H |
5 | | #define FUZZER_COMMON_H |
6 | | |
7 | | #include <fmt/base.h> |
8 | | |
9 | | #include <cstdint> // std::uint8_t |
10 | | #include <cstring> // memcpy |
11 | | #include <vector> |
12 | | |
13 | | // One can format to either a string, or a buffer. The latter is faster, but |
14 | | // one may be interested in formatting to a string instead to verify it works |
15 | | // as intended. To avoid a combinatoric explosion, select this at compile time |
16 | | // instead of dynamically from the fuzz data. |
17 | | #define FMT_FUZZ_FORMAT_TO_STRING 0 |
18 | | |
19 | | // If {fmt} is given a buffer that is separately allocated, chances that address |
20 | | // sanitizer detects out of bound reads is much higher. However, it slows down |
21 | | // the fuzzing. |
22 | | #define FMT_FUZZ_SEPARATE_ALLOCATION 1 |
23 | | |
24 | | // The size of the largest possible type in use. |
25 | | // To let the the fuzzer mutation be efficient at cross pollinating between |
26 | | // different types, use a fixed size format. The same bit pattern, interpreted |
27 | | // as another type, is likely interesting. |
28 | | constexpr auto fixed_size = 16; |
29 | | |
30 | | // Casts data to a char pointer. |
31 | | template <typename T> inline const char* as_chars(const T* data) { |
32 | | return reinterpret_cast<const char*>(data); |
33 | | } |
34 | | |
35 | | // Casts data to a byte pointer. |
36 | | template <typename T> inline const std::uint8_t* as_bytes(const T* data) { |
37 | | return reinterpret_cast<const std::uint8_t*>(data); |
38 | | } |
39 | | |
40 | | // Blits bytes from data to form an (assumed trivially constructible) object |
41 | | // of type Item. |
42 | 10.1k | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { |
43 | 10.1k | auto item = Item(); |
44 | 10.1k | std::memcpy(&item, data, sizeof(Item)); |
45 | 10.1k | return item; |
46 | 10.1k | } char assign_from_buf<char>(unsigned char const*) Line | Count | Source | 42 | 408 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 408 | auto item = Item(); | 44 | 408 | std::memcpy(&item, data, sizeof(Item)); | 45 | 408 | return item; | 46 | 408 | } |
signed char assign_from_buf<signed char>(unsigned char const*) Line | Count | Source | 42 | 171 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 171 | auto item = Item(); | 44 | 171 | std::memcpy(&item, data, sizeof(Item)); | 45 | 171 | return item; | 46 | 171 | } |
unsigned char assign_from_buf<unsigned char>(unsigned char const*) Line | Count | Source | 42 | 117 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 117 | auto item = Item(); | 44 | 117 | std::memcpy(&item, data, sizeof(Item)); | 45 | 117 | return item; | 46 | 117 | } |
short assign_from_buf<short>(unsigned char const*) Line | Count | Source | 42 | 136 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 136 | auto item = Item(); | 44 | 136 | std::memcpy(&item, data, sizeof(Item)); | 45 | 136 | return item; | 46 | 136 | } |
unsigned short assign_from_buf<unsigned short>(unsigned char const*) Line | Count | Source | 42 | 108 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 108 | auto item = Item(); | 44 | 108 | std::memcpy(&item, data, sizeof(Item)); | 45 | 108 | return item; | 46 | 108 | } |
int assign_from_buf<int>(unsigned char const*) Line | Count | Source | 42 | 512 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 512 | auto item = Item(); | 44 | 512 | std::memcpy(&item, data, sizeof(Item)); | 45 | 512 | return item; | 46 | 512 | } |
unsigned int assign_from_buf<unsigned int>(unsigned char const*) Line | Count | Source | 42 | 313 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 313 | auto item = Item(); | 44 | 313 | std::memcpy(&item, data, sizeof(Item)); | 45 | 313 | return item; | 46 | 313 | } |
long assign_from_buf<long>(unsigned char const*) Line | Count | Source | 42 | 1.03k | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 1.03k | auto item = Item(); | 44 | 1.03k | std::memcpy(&item, data, sizeof(Item)); | 45 | 1.03k | return item; | 46 | 1.03k | } |
unsigned long assign_from_buf<unsigned long>(unsigned char const*) Line | Count | Source | 42 | 736 | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 736 | auto item = Item(); | 44 | 736 | std::memcpy(&item, data, sizeof(Item)); | 45 | 736 | return item; | 46 | 736 | } |
float assign_from_buf<float>(unsigned char const*) Line | Count | Source | 42 | 1.99k | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 1.99k | auto item = Item(); | 44 | 1.99k | std::memcpy(&item, data, sizeof(Item)); | 45 | 1.99k | return item; | 46 | 1.99k | } |
double assign_from_buf<double>(unsigned char const*) Line | Count | Source | 42 | 2.86k | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 2.86k | auto item = Item(); | 44 | 2.86k | std::memcpy(&item, data, sizeof(Item)); | 45 | 2.86k | return item; | 46 | 2.86k | } |
long double assign_from_buf<long double>(unsigned char const*) Line | Count | Source | 42 | 1.79k | template <class Item> inline Item assign_from_buf(const std::uint8_t* data) { | 43 | 1.79k | auto item = Item(); | 44 | 1.79k | std::memcpy(&item, data, sizeof(Item)); | 45 | 1.79k | return item; | 46 | 1.79k | } |
|
47 | | |
48 | | // Reads a boolean value by looking at the first byte from data. |
49 | 230 | template <> inline bool assign_from_buf<bool>(const std::uint8_t* data) { |
50 | 230 | return *data != 0; |
51 | 230 | } |
52 | | |
53 | | struct data_to_string { |
54 | | #if FMT_FUZZ_SEPARATE_ALLOCATION |
55 | | std::vector<char> buffer; |
56 | | |
57 | | data_to_string(const uint8_t* data, size_t size, bool add_terminator = false) |
58 | 20.6k | : buffer(size + (add_terminator ? 1 : 0)) { |
59 | 20.6k | if (size) { |
60 | 20.6k | std::memcpy(buffer.data(), data, size); |
61 | 20.6k | } |
62 | 20.6k | } |
63 | | |
64 | 20.6k | fmt::string_view get() const { return {buffer.data(), buffer.size()}; } |
65 | | #else |
66 | | fmt::string_view sv; |
67 | | |
68 | | data_to_string(const uint8_t* data, size_t size, bool = false) |
69 | | : str(as_chars(data), size) {} |
70 | | |
71 | | fmt::string_view get() const { return sv; } |
72 | | #endif |
73 | | |
74 | 10.3k | const char* data() const { return get().data(); } |
75 | | }; |
76 | | |
77 | | #endif // FUZZER_COMMON_H |