/src/fuzz-headers/lang/c/ada_fuzz_header.h

Source (jump to first uncovered line)
/*
 * Copyright (c) 2021, Ada Logics Ltd. 
 * All rights reserverd. 
 * 
*/

#include <unistd.h>

// Simple garbage collector 
#define GB_SIZE 100

void *pointer_arr[GB_SIZE];
static int pointer_idx = 0;

// If the garbage collector is used then this must be called as first thing
// during a fuzz run.
void af_gb_init() {
  pointer_idx = 0;

   for (int i = 0; i < GB_SIZE; i++) {
     pointer_arr[i] = NULL;
   }
}

void af_gb_cleanup() {
  for(int i = 0; i < GB_SIZE; i++) {
    if (pointer_arr[i] != NULL) {
      free(pointer_arr[i]);
    }
  }
}

char *af_get_null_terminated(const uint8_t **data, size_t *size) {
#define STR_SIZE 75
  if (*size < STR_SIZE || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(STR_SIZE + 1);
  memcpy(new_s, *data, STR_SIZE);
  new_s[STR_SIZE] = '\0';

  *data = *data+STR_SIZE;
  *size -= STR_SIZE;
  return new_s;
}

char *af_gb_get_random_data(const uint8_t **data, size_t *size, size_t to_get) {
  if (*size < to_get || (int)*size < 0) {
    return NULL;
  }

  char *new_s = malloc(to_get);
  memcpy(new_s, *data, to_get);

  pointer_arr[pointer_idx++] = (void*)new_s;
  
  *data = *data + to_get;
  *size -= to_get;

  return new_s;
}

char *af_gb_get_null_terminated(const uint8_t **data, size_t *size) {

  char *nstr = af_get_null_terminated(data, size);
  if (nstr == NULL) {
    return NULL;
  }
  pointer_arr[pointer_idx++] = (void*)nstr;
  return nstr;
}

char *af_gb_alloc_data(size_t len) {
  char *ptr = calloc(1, len);
  pointer_arr[pointer_idx++] = (void*)ptr;
  
  return ptr;
}

char *af_gb_get_fixed_string() {
  char *ptr = malloc(2);
  ptr[0] = 'A';
  ptr[1] = '\0';
  pointer_arr[pointer_idx++] = (void*)ptr;

  return ptr;
}

short af_get_short(const uint8_t **data, size_t *size) {
  if (*size <= 0) return 0;
  short c = (short)(*data)[0];
  *data += 1;
  *size-=1;
  return c;
}

int af_get_int(const uint8_t **data, size_t *size) {
  if (*size <= 4) return 0;
  const uint8_t *ptr = *data;
  int val = *((int*)ptr);
  *data += 4;
  *size -= 4;
  return val;
}


// end simple garbage collector.


/* A-style */
const uint8_t *a_origin_data;
size_t a_size;

void af_safe_gb_init(const uint8_t *data, size_t size) {
  af_gb_init();
  a_origin_data = data;
  a_size = size;
}

int ada_safe_get_int() {
  return af_get_int(&a_origin_data, &a_size);
}

char *ada_safe_get_char_p() {
  char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
  if (tmps != NULL) {
    return tmps;
  }
  return af_gb_get_fixed_string();
}

char *filename2 = NULL;

char *af_safe_write_random_file() {
  char *filename = malloc(10);
  filename[0] = '/';
  filename[1] = 't';
  filename[2] = 'm';
  filename[3] = 'p';
  filename[4] = '/';
  filename[5] = '1';
  filename[6] = '2';
  filename[7] = '.';
  filename[8] = 'a';
  filename[9] = '\0';
  filename2 = filename;

  FILE *fp = fopen(filename, "wb");
  char *content = ada_safe_get_char_p();
  fwrite(content, strlen(content), 1, fp);
  fclose(fp);

  return filename;
}

void af_safe_gb_cleanup() {
  af_gb_cleanup();

  if (filename2 != NULL) {
    unlink(filename2);
    free(filename2);
    filename2 = NULL;
  }
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright (c) 2021, Ada Logics Ltd.
3		* All rights reserverd.
4		*
5		*/
6
7		#include <unistd.h>
8
9		// Simple garbage collector
10	65.4k	#define GB_SIZE 100
11
12		void *pointer_arr[GB_SIZE];
13		static int pointer_idx = 0;
14
15		// If the garbage collector is used then this must be called as first thing
16		// during a fuzz run.
17	324	void af_gb_init() {
18	324	pointer_idx = 0;
19
20	32.7k	for (int i = 0; i < GB_SIZE; i++) {
21	32.4k	pointer_arr[i] = NULL;
22	32.4k	}
23	324	}
24
25	324	void af_gb_cleanup() {
26	32.7k	for(int i = 0; i < GB_SIZE; i++) {
27	32.4k	if (pointer_arr[i] != NULL) {
28	3.88k	free(pointer_arr[i]);
29	3.88k	}
30	32.4k	}
31	324	}
32
33	3.88k	char af_get_null_terminated(const uint8_t data, size_t size) {
34	17.2k	#define STR_SIZE 75
35	3.88k	if (size < STR_SIZE \|\| (int)size < 0) {
36	1.99k	return NULL;
37	1.99k	}
38
39	1.89k	char *new_s = malloc(STR_SIZE + 1);
40	1.89k	memcpy(new_s, *data, STR_SIZE);
41	1.89k	new_s[STR_SIZE] = '\0';
42
43	1.89k	data = data+STR_SIZE;
44	1.89k	*size -= STR_SIZE;
45	1.89k	return new_s;
46	3.88k	}
47
48	0	char af_gb_get_random_data(const uint8_t data, size_t size, size_t to_get) {
49	0	if (size < to_get \|\| (int)size < 0) {
50	0	return NULL;
51	0	}
52
53	0	char *new_s = malloc(to_get);
54	0	memcpy(new_s, *data, to_get);
55
56	0	pointer_arr[pointer_idx++] = (void*)new_s;
57
58	0	data = data + to_get;
59	0	*size -= to_get;
60
61	0	return new_s;
62	0	}
63
64	3.88k	char af_gb_get_null_terminated(const uint8_t data, size_t size) {
65
66	3.88k	char *nstr = af_get_null_terminated(data, size);
67	3.88k	if (nstr == NULL) {
68	1.99k	return NULL;
69	1.99k	}
70	1.89k	pointer_arr[pointer_idx++] = (void*)nstr;
71	1.89k	return nstr;
72	3.88k	}
73
74	0	char *af_gb_alloc_data(size_t len) {
75	0	char *ptr = calloc(1, len);
76	0	pointer_arr[pointer_idx++] = (void*)ptr;
77
78	0	return ptr;
79	0	}
80
81	1.99k	char *af_gb_get_fixed_string() {
82	1.99k	char *ptr = malloc(2);
83	1.99k	ptr[0] = 'A';
84	1.99k	ptr[1] = '\0';
85	1.99k	pointer_arr[pointer_idx++] = (void*)ptr;
86
87	1.99k	return ptr;
88	1.99k	}
89
90	0	short af_get_short(const uint8_t *data, size_t size) {
91	0	if (*size <= 0) return 0;
92	0	short c = (short)(*data)[0];
93	0	*data += 1;
94	0	*size-=1;
95	0	return c;
96	0	}
97
98	324	int af_get_int(const uint8_t *data, size_t size) {
99	324	if (*size <= 4) return 0;
100	70	const uint8_t ptr = data;
101	70	int val = ((int)ptr);
102	70	*data += 4;
103	70	*size -= 4;
104	70	return val;
105	324	}
106
107
108		// end simple garbage collector.
109
110
111		/* A-style */
112		const uint8_t *a_origin_data;
113		size_t a_size;
114
115	324	void af_safe_gb_init(const uint8_t *data, size_t size) {
116	324	af_gb_init();
117	324	a_origin_data = data;
118	324	a_size = size;
119	324	}
120
121	324	int ada_safe_get_int() {
122	324	return af_get_int(&a_origin_data, &a_size);
123	324	}
124
125	3.88k	char *ada_safe_get_char_p() {
126	3.88k	char *tmps = af_gb_get_null_terminated(&a_origin_data, &a_size);
127	3.88k	if (tmps != NULL) {
128	1.89k	return tmps;
129	1.89k	}
130	1.99k	return af_gb_get_fixed_string();
131	3.88k	}
132
133		char *filename2 = NULL;
134
135	0	char *af_safe_write_random_file() {
136	0	char *filename = malloc(10);
137	0	filename[0] = '/';
138	0	filename[1] = 't';
139	0	filename[2] = 'm';
140	0	filename[3] = 'p';
141	0	filename[4] = '/';
142	0	filename[5] = '1';
143	0	filename[6] = '2';
144	0	filename[7] = '.';
145	0	filename[8] = 'a';
146	0	filename[9] = '\0';
147	0	filename2 = filename;
148
149	0	FILE *fp = fopen(filename, "wb");
150	0	char *content = ada_safe_get_char_p();
151	0	fwrite(content, strlen(content), 1, fp);
152	0	fclose(fp);
153
154	0	return filename;
155	0	}
156
157	324	void af_safe_gb_cleanup() {
158	324	af_gb_cleanup();
159
160	324	if (filename2 != NULL) {
161	0	unlink(filename2);
162	0	free(filename2);
163	0	filename2 = NULL;
164	0	}
165	324	}

Coverage Report

Created: 2025-06-12 06:44