/src/stream_fuzz.cpp

Source (jump to first uncovered line)
/* Copyright 2023 Google LLC
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
      http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

/*
 * The main idea behind this fuzzer is the generate arbitrary stack traces
 * by way of recursive funcitons, and then using various calls to libunwind
 * apis arbitrarily.
 */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#include <iostream>
#include <string>

#include "OgreException.h"
#include "OgreFileSystem.h"
#include "OgreStreamSerialiser.h"
#include "OgreVector.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  char filename[256];
  sprintf(filename, "/tmp/libfuzzer.%d", getpid());

  FILE *fp = fopen(filename, "wb");
  if (!fp) {
    return 0;
  }
  fwrite(data, size, 1, fp);
  fclose(fp);

  Ogre::String fileName = filename;

  Ogre::FileSystemArchiveFactory factory;
  Ogre::Archive *arch = factory.createInstance("/tmp/", false);
  arch->load();

  Ogre::DataStreamPtr stream = arch->open(fileName);
  Ogre::StreamSerialiser serialiser(stream);
  try {
    const Ogre::StreamSerialiser::Chunk *c = serialiser.readChunkBegin();

    Ogre::Vector3 dest;
    serialiser.read(&dest, 1);
  } catch (Ogre::InvalidStateException) {
  }
  factory.destroyInstance(arch);
  unlink(filename);

  return 0;
}

Line	Count	Source (jump to first uncovered line)
1		/* Copyright 2023 Google LLC
2		Licensed under the Apache License, Version 2.0 (the "License");
3		you may not use this file except in compliance with the License.
4		You may obtain a copy of the License at
5		http://www.apache.org/licenses/LICENSE-2.0
6		Unless required by applicable law or agreed to in writing, software
7		distributed under the License is distributed on an "AS IS" BASIS,
8		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
9		See the License for the specific language governing permissions and
10		limitations under the License.
11		*/
12
13		/*
14		* The main idea behind this fuzzer is the generate arbitrary stack traces
15		* by way of recursive funcitons, and then using various calls to libunwind
16		* apis arbitrarily.
17		*/
18		#include <stdio.h>
19		#include <stdlib.h>
20		#include <unistd.h>
21
22		#include <iostream>
23		#include <string>
24
25		#include "OgreException.h"
26		#include "OgreFileSystem.h"
27		#include "OgreStreamSerialiser.h"
28		#include "OgreVector.h"
29
30	260	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
31	260	char filename[256];
32	260	sprintf(filename, "/tmp/libfuzzer.%d", getpid());
33
34	260	FILE *fp = fopen(filename, "wb");
35	260	if (!fp) {
36	0	return 0;
37	0	}
38	260	fwrite(data, size, 1, fp);
39	260	fclose(fp);
40
41	260	Ogre::String fileName = filename;
42
43	260	Ogre::FileSystemArchiveFactory factory;
44	260	Ogre::Archive *arch = factory.createInstance("/tmp/", false);
45	260	arch->load();
46
47	260	Ogre::DataStreamPtr stream = arch->open(fileName);
48	260	Ogre::StreamSerialiser serialiser(stream);
49	260	try {
50	260	const Ogre::StreamSerialiser::Chunk *c = serialiser.readChunkBegin();
51
52	260	Ogre::Vector3 dest;
53	260	serialiser.read(&dest, 1);
54	260	} catch (Ogre::InvalidStateException) {
55	260	}
56	260	factory.destroyInstance(arch);
57	260	unlink(filename);
58
59	260	return 0;
60	260	}

Coverage Report

Created: 2025-07-11 06:33