/src/stream_fuzz.cpp

Source (jump to first uncovered line)
/* Copyright 2023 Google LLC
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
      http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

/*
 * The main idea behind this fuzzer is the generate arbitrary stack traces
 * by way of recursive funcitons, and then using various calls to libunwind
 * apis arbitrarily.
 */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#include <iostream>
#include <string>

#include "OgreException.h"
#include "OgreFileSystem.h"
#include "OgreStreamSerialiser.h"
#include "OgreVector.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  char filename[256];
  sprintf(filename, "/tmp/libfuzzer.%d", getpid());

  FILE *fp = fopen(filename, "wb");
  if (!fp) {
    return 0;
  }
  fwrite(data, size, 1, fp);
  fclose(fp);

  Ogre::String fileName = filename;

  Ogre::FileSystemArchiveFactory factory;
  Ogre::Archive *arch = factory.createInstance("/tmp/", false);
  arch->load();

  Ogre::DataStreamPtr stream = arch->open(fileName);
  Ogre::StreamSerialiser serialiser(stream);
  try {
    const Ogre::StreamSerialiser::Chunk *c = serialiser.readChunkBegin();

    Ogre::Vector3 dest;
    serialiser.read(&dest, 1);
  } catch (Ogre::InvalidStateException) {
  }
  factory.destroyInstance(arch);
  unlink(filename);

  return 0;
}

Line	Count	Source (jump to first uncovered line)
1		/* Copyright 2023 Google LLC
2		Licensed under the Apache License, Version 2.0 (the "License");
3		you may not use this file except in compliance with the License.
4		You may obtain a copy of the License at
5		http://www.apache.org/licenses/LICENSE-2.0
6		Unless required by applicable law or agreed to in writing, software
7		distributed under the License is distributed on an "AS IS" BASIS,
8		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
9		See the License for the specific language governing permissions and
10		limitations under the License.
11		*/
12
13		/*
14		* The main idea behind this fuzzer is the generate arbitrary stack traces
15		* by way of recursive funcitons, and then using various calls to libunwind
16		* apis arbitrarily.
17		*/
18		#include <stdio.h>
19		#include <stdlib.h>
20		#include <unistd.h>
21
22		#include <iostream>
23		#include <string>
24
25		#include "OgreException.h"
26		#include "OgreFileSystem.h"
27		#include "OgreStreamSerialiser.h"
28		#include "OgreVector.h"
29
30	266	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
31	266	char filename[256];
32	266	sprintf(filename, "/tmp/libfuzzer.%d", getpid());
33
34	266	FILE *fp = fopen(filename, "wb");
35	266	if (!fp) {
36	0	return 0;
37	0	}
38	266	fwrite(data, size, 1, fp);
39	266	fclose(fp);
40
41	266	Ogre::String fileName = filename;
42
43	266	Ogre::FileSystemArchiveFactory factory;
44	266	Ogre::Archive *arch = factory.createInstance("/tmp/", false);
45	266	arch->load();
46
47	266	Ogre::DataStreamPtr stream = arch->open(fileName);
48	266	Ogre::StreamSerialiser serialiser(stream);
49	266	try {
50	266	const Ogre::StreamSerialiser::Chunk *c = serialiser.readChunkBegin();
51
52	266	Ogre::Vector3 dest;
53	266	serialiser.read(&dest, 1);
54	266	} catch (Ogre::InvalidStateException) {
55	266	}
56	266	factory.destroyInstance(arch);
57	266	unlink(filename);
58
59	266	return 0;
60	266	}

Coverage Report

Created: 2025-07-18 07:04