/src/lz4/ossfuzz/round_trip_hc_fuzzer.c
Line | Count | Source |
1 | | /** |
2 | | * This fuzz target performs a lz4 round-trip test (compress & decompress), |
3 | | * compares the result with the original, and calls abort() on corruption. |
4 | | */ |
5 | | |
6 | | #include <stddef.h> |
7 | | #include <stdint.h> |
8 | | #include <stdlib.h> |
9 | | #include <string.h> |
10 | | |
11 | | #include "fuzz_helpers.h" |
12 | | #include "fuzz_data_producer.h" |
13 | | #include "lz4.h" |
14 | | #include "lz4hc.h" |
15 | | |
16 | | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) |
17 | 8.03k | { |
18 | 8.03k | FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); |
19 | 8.03k | int const level = FUZZ_dataProducer_range32(producer, |
20 | 8.03k | LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX); |
21 | 8.03k | size = FUZZ_dataProducer_remainingBytes(producer); |
22 | | |
23 | 8.03k | size_t const dstCapacity = LZ4_compressBound(size); |
24 | 8.03k | char* const dst = (char*)malloc(dstCapacity); |
25 | 8.03k | char* const rt = (char*)malloc(size); |
26 | | |
27 | 8.03k | FUZZ_ASSERT(dst); |
28 | 8.03k | FUZZ_ASSERT(rt); |
29 | | |
30 | | /* Compression must succeed and round trip correctly. */ |
31 | 8.03k | int const dstSize = LZ4_compress_HC((const char*)data, dst, size, |
32 | 8.03k | dstCapacity, level); |
33 | 8.03k | FUZZ_ASSERT(dstSize > 0); |
34 | | |
35 | 8.03k | int const rtSize = LZ4_decompress_safe(dst, rt, dstSize, size); |
36 | 8.03k | FUZZ_ASSERT_MSG(rtSize == size, "Incorrect size"); |
37 | 8.03k | FUZZ_ASSERT_MSG(!memcmp(data, rt, size), "Corruption!"); |
38 | | |
39 | 8.03k | free(dst); |
40 | 8.03k | free(rt); |
41 | 8.03k | FUZZ_dataProducer_free(producer); |
42 | | |
43 | 8.03k | return 0; |
44 | 8.03k | } |