/src/keystone/suite/fuzz/fuzz_asm_mips64be.c

Source (jump to first uncovered line)
#include <keystone/keystone.h>

#include <string.h>

FILE * outfile = NULL;


int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
    ks_engine *ks;
    ks_err err;
    size_t count;
    unsigned char *encode = NULL;
    size_t size;
    char * assembler;

    if (outfile == NULL) {
        // we compute the output
        outfile = fopen("/dev/null", "w");
        if (outfile == NULL) {
            printf("failed opening /dev/null\n");
            abort();
        }
    }

    if (Size < 1) {
        return 0;
    }

    err = ks_open(KS_ARCH_MIPS, KS_MODE_MIPS64+KS_MODE_BIG_ENDIAN, &ks);
    if (err != KS_ERR_OK) {
        printf("ERROR: failed on ks_open(), quit error = %u\n", err);
        abort();
    }

    ks_option(ks, KS_OPT_SYNTAX, Data[Size-1]);

    assembler = malloc(Size);
    memcpy(assembler, Data, Size-1);
    //null terminate string
    assembler[Size-1] = 0;

    if (ks_asm(ks, assembler, 0, &encode, &size, &count) != KS_ERR_OK) {
        fprintf(outfile, "ERROR: ks_asm() failed & count = %lu, error = %u\n",
                count, ks_errno(ks));
    } else {
        size_t i;

        fprintf(outfile, "%s = ", assembler);
        for (i = 0; i < size; i++) {
            fprintf(outfile, "%02x ", encode[i]);
        }
        fprintf(outfile, "\n");
        fprintf(outfile, "Compiled: %lu bytes, statements: %lu\n", size, count);
    }

    free(assembler);
    // NOTE: free encode after usage to avoid leaking memory
    if (encode != NULL) {
        ks_free(encode);
    }

    // close Keystone instance when done
    ks_close(ks);

    return 0;
}

Line	Count	Source (jump to first uncovered line)
1		#include <keystone/keystone.h>
2
3		#include <string.h>
4
5		FILE * outfile = NULL;
6
7
8	130k	int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
9	130k	ks_engine *ks;
10	130k	ks_err err;
11	130k	size_t count;
12	130k	unsigned char *encode = NULL;
13	130k	size_t size;
14	130k	char * assembler;
15
16	130k	if (outfile == NULL) {
17		// we compute the output
18	26	outfile = fopen("/dev/null", "w");
19	26	if (outfile == NULL) {
20	0	printf("failed opening /dev/null\n");
21	0	abort();
22	0	}
23	26	}
24
25	130k	if (Size < 1) {
26	0	return 0;
27	0	}
28
29	130k	err = ks_open(KS_ARCH_MIPS, KS_MODE_MIPS64+KS_MODE_BIG_ENDIAN, &ks);
30	130k	if (err != KS_ERR_OK) {
31	0	printf("ERROR: failed on ks_open(), quit error = %u\n", err);
32	0	abort();
33	0	}
34
35	130k	ks_option(ks, KS_OPT_SYNTAX, Data[Size-1]);
36
37	130k	assembler = malloc(Size);
38	130k	memcpy(assembler, Data, Size-1);
39		//null terminate string
40	130k	assembler[Size-1] = 0;
41
42	130k	if (ks_asm(ks, assembler, 0, &encode, &size, &count) != KS_ERR_OK) {
43	81.1k	fprintf(outfile, "ERROR: ks_asm() failed & count = %lu, error = %u\n",
44	81.1k	count, ks_errno(ks));
45	81.1k	} else {
46	49.2k	size_t i;
47
48	49.2k	fprintf(outfile, "%s = ", assembler);
49	1.64G	for (i = 0; i < size; i++) {
50	1.64G	fprintf(outfile, "%02x ", encode[i]);
51	1.64G	}
52	49.2k	fprintf(outfile, "\n");
53	49.2k	fprintf(outfile, "Compiled: %lu bytes, statements: %lu\n", size, count);
54	49.2k	}
55
56	130k	free(assembler);
57		// NOTE: free encode after usage to avoid leaking memory
58	130k	if (encode != NULL) {
59	49.2k	ks_free(encode);
60	49.2k	}
61
62		// close Keystone instance when done
63	130k	ks_close(ks);
64
65	130k	return 0;
66	130k	}

Coverage Report

Created: 2025-07-15 06:22