Fuzz introspector: magic_fuzzer_loaddb
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
188 188 1 :

['apprentice_list']

188 188 apprentice_1 call site: 00457 /src/file/src/apprentice.c:517
103 331 7 :

['file_error', 'fstat', 'maxoff_t', 'mprotect', 'check_buffer', '__errno_location', 'mmap']

107 348 apprentice_map call site: 00417 /src/file/src/apprentice.c:3293
57 57 1 :

['file_oomem']

59 72 apprentice_map call site: 00414 /src/file/src/apprentice.c:3283
57 57 1 :

['file_oomem']

57 57 parse call site: 00132 /src/file/src/apprentice.c:2063
57 57 1 :

['file_oomem']

57 57 parse call site: 00133 /src/file/src/apprentice.c:2078
57 57 1 :

['file_oomem']

57 57 addentry call site: 00359 /src/file/src/apprentice.c:1291
57 57 1 :

['file_oomem']

57 57 coalesce_entries call site: 00391 /src/file/src/apprentice.c:1477
57 57 1 :

['file_oomem']

57 57 file_check_mem call site: 00121 /src/file/src/funcs.c:627
22 22 2 :

['get_default_magic', 'getenv']

22 22 magic_getpath call site: 00057 /src/file/src/magic.c:256
4 4 1 :

['__errno_location']

4 61 load_1 call site: 00112 /src/file/src/apprentice.c:1321
4 4 2 :

['close', 'abort']

4 4 fuzzer_get_tmpfile(unsignedcharconst*,unsignedlong) call site: 00000 /src/fuzzer_temp_file.h:47
2 425 4 :

['file_mdump', '__ctype_b_loc', 'getvalue', 'check_format']

2 437 parse call site: 00193 /src/file/src/apprentice.c:2346

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 FuzzerTemporaryFile::FuzzerTemporaryFile(unsigned char const*, unsigned long) [function] [call site] 00001
2 fuzzer_get_tmpfile(unsigned char const*, unsigned long) [function] [call site] 00002
3 strdup [call site] 00003
3 perror [call site] 00004
3 abort [call site] 00005
3 mkstemp [call site] 00006
3 perror [call site] 00007
3 abort [call site] 00008
3 fdopen [call site] 00009
3 perror [call site] 00010
3 close [call site] 00011
3 abort [call site] 00012
3 fwrite [call site] 00013
3 close [call site] 00014
3 fprintf [call site] 00015
3 abort [call site] 00016
3 fclose [call site] 00017
1 magic_open [function] [call site] 00018
2 file_ms_alloc [function] [call site] 00019
3 calloc [call site] 00020
3 magic_setflags [function] [call site] 00021
3 __errno_location [call site] 00022
3 newlocale [call site] 00023
3 __assert_fail [call site] 00024
1 FuzzerTemporaryFile::filename() const [function] [call site] 00025
1 magic_check [function] [call site] 00026
2 file_apprentice [function] [call site] 00027
3 file_reset [function] [call site] 00028
4 file_error [function] [call site] 00029
5 file_error_core [function] [call site] 00030
6 file_clearbuf [function] [call site] 00031
6 file_printf [function] [call site] 00032
7 file_vprintf [function] [call site] 00033
8 file_checkfmt [function] [call site] 00034
9 strchr [call site] 00035
9 snprintf [call site] 00036
9 file_checkfield [function] [call site] 00037
10 __ctype_b_loc [call site] 00038
10 snprintf [call site] 00039
9 file_checkfield [function] [call site] 00040
9 __ctype_b_loc [call site] 00041
9 snprintf [call site] 00042
8 file_clearbuf [function] [call site] 00043
8 file_error [function] [call site] 00044
8 vasprintf [call site] 00045
8 file_clearbuf [function] [call site] 00046
8 file_error [function] [call site] 00047
8 asprintf [call site] 00048
8 file_clearbuf [function] [call site] 00049
8 __errno_location [call site] 00050
8 file_error [function] [call site] 00051
6 file_printf [function] [call site] 00052
6 file_vprintf [function] [call site] 00053
6 strerror [call site] 00054
6 file_printf [function] [call site] 00055
4 file_clearbuf [function] [call site] 00056
3 magic_getpath [function] [call site] 00057
4 getenv [call site] 00058
4 get_default_magic [function] [call site] 00059
5 getenv [call site] 00060
5 asprintf [call site] 00061
5 stat [call site] 00062
5 asprintf [call site] 00063
5 stat [call site] 00064
5 asprintf [call site] 00065
5 access [call site] 00066
5 asprintf [call site] 00067
3 init_file_tables [function] [call site] 00068
4 __assert_fail [call site] 00069
4 __assert_fail [call site] 00070
3 strdup [call site] 00071
3 strlen [call site] 00072
3 file_oomem [function] [call site] 00073
4 __errno_location [call site] 00074
4 file_error [function] [call site] 00075
3 mlist_free [function] [call site] 00076
4 mlist_free_one [function] [call site] 00077
5 apprentice_unmap [function] [call site] 00078
6 munmap [call site] 00079
6 fprintf [call site] 00080
6 abort [call site] 00081
5 file_regfree [function] [call site] 00082
6 regfree [call site] 00083
4 mlist_free_one [function] [call site] 00084
3 mlist_alloc [function] [call site] 00085
4 calloc [call site] 00086
3 file_oomem [function] [call site] 00087
3 mlist_free [function] [call site] 00088
3 strchr [call site] 00089
3 apprentice_1 [function] [call site] 00090
4 file_error [function] [call site] 00091
4 apprentice_load [function] [call site] 00092
5 calloc [call site] 00093
5 file_oomem [function] [call site] 00094
5 fprintf [call site] 00095
5 stat [call site] 00096
5 opendir [call site] 00097
5 readdir [call site] 00098
5 asprintf [call site] 00099
5 strlen [call site] 00100
5 file_oomem [function] [call site] 00101
5 closedir [call site] 00102
5 stat [call site] 00103
5 realloc [call site] 00104
5 file_oomem [function] [call site] 00105
5 closedir [call site] 00106
5 closedir [call site] 00107
5 qsort [call site] 00108
5 cmpstrp [function] [call site] 00109
6 strcmp [call site] 00110
5 load_1 [function] [call site] 00111
6 fopen [call site] 00112
6 __errno_location [call site] 00113
6 __errno_location [call site] 00114
6 file_error [function] [call site] 00115
6 getline [call site] 00116
6 memcmp [call site] 00117
6 file_error [function] [call site] 00118
6 file_error [function] [call site] 00119
6 parse [function] [call site] 00120
7 file_check_mem [function] [call site] 00121
8 file_oomem [function] [call site] 00122
7 file_magerror [function] [call site] 00123
8 file_error_core [function] [call site] 00124
7 file_magerror [function] [call site] 00125
7 file_magwarn [function] [call site] 00126
8 fflush [call site] 00127
8 fprintf [call site] 00128
8 fprintf [call site] 00129
8 vfprintf [call site] 00130
8 fputc [call site] 00131
7 realloc [call site] 00132
7 file_oomem [function] [call site] 00133
7 file_oomem [function] [call site] 00134
7 file_magwarn [function] [call site] 00135
7 strtol [call site] 00136
7 file_magwarn [function] [call site] 00137
7 file_magwarn [function] [call site] 00138
7 get_op [function] [call site] 00139
7 __ctype_b_loc [call site] 00140
7 strtol [call site] 00141
7 file_magwarn [function] [call site] 00142
7 file_magwarn [function] [call site] 00143
7 __ctype_b_loc [call site] 00144
7 get_cond [function] [call site] 00145
8 strncmp [call site] 00146
8 __ctype_b_loc [call site] 00147
7 check_cond [function] [call site] 00148
8 file_magwarn [function] [call site] 00149
8 file_magwarn [function] [call site] 00150
8 file_magwarn [function] [call site] 00151
7 __ctype_b_loc [call site] 00152
7 get_type [function] [call site] 00153
8 strncmp [call site] 00154
7 get_standard_integer_type [function] [call site] 00155
8 __ctype_b_loc [call site] 00156
8 __ctype_b_loc [call site] 00157
8 __ctype_b_loc [call site] 00158
7 get_type [function] [call site] 00159
7 get_standard_integer_type [function] [call site] 00160
7 __ctype_b_loc [call site] 00161
7 get_type [function] [call site] 00162
7 file_magwarn [function] [call site] 00163
7 file_magwarn [function] [call site] 00164
7 file_magwarn [function] [call site] 00165
7 get_op [function] [call site] 00166
7 file_magwarn [function] [call site] 00167
7 parse_indirect_modifier [function] [call site] 00168
8 __ctype_b_loc [call site] 00169
8 file_magwarn [function] [call site] 00170
7 parse_string_modifier [function] [call site] 00171
8 __ctype_b_loc [call site] 00172
8 file_magwarn [function] [call site] 00173
8 strtoul [call site] 00174
8 file_magwarn [function] [call site] 00175
8 file_magwarn [function] [call site] 00176
8 __ctype_b_loc [call site] 00177
8 string_modifier_check [function] [call site] 00178
9 file_magwarn [function] [call site] 00179
9 file_magwarn [function] [call site] 00180
9 file_magwarn [function] [call site] 00181
9 file_magwarn [function] [call site] 00182
9 file_magwarn [function] [call site] 00183
9 file_magwarn [function] [call site] 00184
9 file_magwarn [function] [call site] 00185
7 parse_op_modifier [function] [call site] 00186
8 strtoull [call site] 00187
8 file_signextend [function] [call site] 00188
9 file_magwarn [function] [call site] 00189
8 eatsize [function] [call site] 00190
9 __ctype_b_loc [call site] 00191
9 __ctype_b_loc [call site] 00192
7 __ctype_b_loc [call site] 00193
7 file_magwarn [function] [call site] 00194
7 __ctype_b_loc [call site] 00195
7 getvalue [function] [call site] 00196
8 getstr [function] [call site] 00197
9 __ctype_b_loc [call site] 00198
9 file_error [function] [call site] 00199
9 file_magwarn [function] [call site] 00200
9 file_magwarn [function] [call site] 00201
9 file_magwarn [function] [call site] 00202
9 __ctype_b_loc [call site] 00203
9 strchr [call site] 00204
9 strchr [call site] 00205
9 file_magwarn [function] [call site] 00206
9 file_magwarn [function] [call site] 00207
9 hextoint [function] [call site] 00208
10 __ctype_b_loc [call site] 00209
9 hextoint [function] [call site] 00210
9 file_pstring_length_size [function] [call site] 00211
10 file_error [function] [call site] 00212
8 file_magwarn [function] [call site] 00213
8 file_regcomp [function] [call site] 00214
9 check_regex [function] [call site] 00215
10 strchr [call site] 00216
10 strlen [call site] 00217
10 file_printable [function] [call site] 00218
11 __ctype_b_loc [call site] 00219
10 file_magwarn [function] [call site] 00220
10 __errno_location [call site] 00221
10 strtoul [call site] 00222
10 strtoul [call site] 00223
10 __ctype_b_loc [call site] 00224
10 strlen [call site] 00225
10 file_printable [function] [call site] 00226
10 file_magwarn [function] [call site] 00227
10 file_magwarn [function] [call site] 00228
9 uselocale [call site] 00229
9 __assert_fail [call site] 00230
9 regcomp [call site] 00231
9 uselocale [call site] 00232
9 regerror [call site] 00233
9 strlen [call site] 00234
9 file_printable [function] [call site] 00235
9 file_magerror [function] [call site] 00236
8 file_regfree [function] [call site] 00237
8 __errno_location [call site] 00238
8 strtof [call site] 00239
8 __errno_location [call site] 00240
8 __errno_location [call site] 00241
8 strtod [call site] 00242
8 __errno_location [call site] 00243
8 file_parse_guid [function] [call site] 00244
9 __isoc99_sscanf [call site] 00245
8 __errno_location [call site] 00246
8 strtoull [call site] 00247
8 file_signextend [function] [call site] 00248
8 file_magwarn [function] [call site] 00249
8 typesize [function] [call site] 00250
8 file_magwarn [function] [call site] 00251
8 __ctype_b_loc [call site] 00252
8 fprintf [call site] 00253
8 abort [call site] 00254
8 file_magwarn [function] [call site] 00255
8 __errno_location [call site] 00256
8 eatsize [function] [call site] 00257
7 __ctype_b_loc [call site] 00258
7 file_magwarn [function] [call site] 00259
7 check_format [function] [call site] 00260
8 file_magwarn [function] [call site] 00261
8 file_magwarn [function] [call site] 00262
8 check_format_type [function] [call site] 00263
9 fprintf [call site] 00264
9 abort [call site] 00265
9 strchr [call site] 00266
9 __ctype_b_loc [call site] 00267
9 __ctype_b_loc [call site] 00268
9 __ctype_b_loc [call site] 00269
9 __ctype_b_loc [call site] 00270
9 __ctype_b_loc [call site] 00271
9 __ctype_b_loc [call site] 00272
9 fprintf [call site] 00273
9 abort [call site] 00274
8 file_magwarn [function] [call site] 00275
8 file_magwarn [function] [call site] 00276
7 file_mdump [function] [call site] 00277
8 fprintf [call site] 00278
8 fprintf [call site] 00279
8 fputc [call site] 00280
8 fprintf [call site] 00281
8 fprintf [call site] 00282
8 fputc [call site] 00283
8 fputc [call site] 00284
8 fputc [call site] 00285
8 fputc [call site] 00286
8 fputc [call site] 00287
8 fputc [call site] 00288
8 fputc [call site] 00289
8 fputc [call site] 00290
8 fputc [call site] 00291
8 fputc [call site] 00292
8 fputc [call site] 00293
8 fputc [call site] 00294
8 fputc [call site] 00295
8 fprintf [call site] 00296
8 fputc [call site] 00297
8 fputc [call site] 00298
8 fprintf [call site] 00299
8 fprintf [call site] 00300
8 fprintf [call site] 00301
8 file_showstr [function] [call site] 00302
9 fputc [call site] 00303
9 fputc [call site] 00304
9 fputc [call site] 00305
9 fputc [call site] 00306
9 fputc [call site] 00307
9 fputc [call site] 00308
9 fputc [call site] 00309
9 fputc [call site] 00310
9 fputc [call site] 00311
9 fprintf [call site] 00312
8 file_fmtdatetime [function] [call site] 00313
9 cdf_timestamp_to_timespec [function] [call site] 00314
10 cdf_getdays [function] [call site] 00315
10 cdf_getday [function] [call site] 00316
10 cdf_getmonth [function] [call site] 00317
10 __errno_location [call site] 00318
9 tzset [call site] 00319
9 localtime_r [call site] 00320
9 gmtime_r [call site] 00321
9 asctime_r [call site] 00322
9 strcspn [call site] 00323
9 strlcpy [function] [call site] 00324
8 file_fmtdatetime [function] [call site] 00325
8 fprintf [call site] 00326
8 file_fmtdatetime [function] [call site] 00327
8 fprintf [call site] 00328
8 file_fmtdatetime [function] [call site] 00329
8 fprintf [call site] 00330
8 file_fmtdatetime [function] [call site] 00331
8 fprintf [call site] 00332
8 fprintf [call site] 00333
8 file_fmtvarint [function] [call site] 00334
9 file_varint2uintmax_t [function] [call site] 00335
9 snprintf [call site] 00336
8 fprintf [call site] 00337
8 file_fmtdate [function] [call site] 00338
9 strftime [call site] 00339
9 strlcpy [function] [call site] 00340
8 file_fmttime [function] [call site] 00341
9 strftime [call site] 00342
9 strlcpy [function] [call site] 00343
8 fprintf [call site] 00344
8 file_fmtnum [function] [call site] 00345
9 __errno_location [call site] 00346
9 strtoull [call site] 00347
9 __errno_location [call site] 00348
9 strlcpy [function] [call site] 00349
9 snprintf [call site] 00350
8 fprintf [call site] 00351
8 fprintf [call site] 00352
8 file_print_guid [function] [call site] 00353
9 snprintf [call site] 00354
8 fprintf [call site] 00355
8 fprintf [call site] 00356
8 fprintf [call site] 00357
6 addentry [function] [call site] 00358
7 realloc [call site] 00359
7 file_oomem [function] [call site] 00360
7 __assert_fail [call site] 00361
6 addentry [function] [call site] 00362
6 fclose [call site] 00363
5 load_1 [function] [call site] 00364
5 set_text_binary [function] [call site] 00365
6 set_test_type [function] [call site] 00366
7 file_looks_utf8 [function] [call site] 00367
6 fprintf [call site] 00368
6 strstr [call site] 00369
6 __ctype_b_loc [call site] 00370
6 __ctype_b_loc [call site] 00371
6 fprintf [call site] 00372
5 qsort [call site] 00373
5 apprentice_sort [function] [call site] 00374
6 file_magic_strength [function] [call site] 00375
7 apprentice_magic_strength_1 [function] [call site] 00376
8 file_magwarn [function] [call site] 00377
8 typesize [function] [call site] 00378
8 fprintf [call site] 00379
8 abort [call site] 00380
8 nonmagic [function] [call site] 00381
8 fprintf [call site] 00382
8 abort [call site] 00383
8 fprintf [call site] 00384
8 abort [call site] 00385
7 fprintf [call site] 00386
7 abort [call site] 00387
6 file_magic_strength [function] [call site] 00388
5 set_last_default [function] [call site] 00389
6 file_magwarn [function] [call site] 00390
5 coalesce_entries [function] [call site] 00391
6 file_oomem [function] [call site] 00392
5 magic_entry_free [function] [call site] 00393
5 apprentice_unmap [function] [call site] 00394
4 apprentice_compile [function] [call site] 00395
5 mkdbname [function] [call site] 00396
6 strrchr [call site] 00397
6 asprintf [call site] 00398
6 access [call site] 00399
6 asprintf [call site] 00400
6 strstr [call site] 00401
5 open [call site] 00402
5 __errno_location [call site] 00403
5 file_error [function] [call site] 00404
5 write [call site] 00405
5 __errno_location [call site] 00406
5 file_error [function] [call site] 00407
5 write [call site] 00408
5 __errno_location [call site] 00409
5 file_error [function] [call site] 00410
5 close [call site] 00411
5 apprentice_unmap [function] [call site] 00412
4 apprentice_map [function] [call site] 00413
5 calloc [call site] 00414
5 file_oomem [function] [call site] 00415
5 mkdbname [function] [call site] 00416
5 open [call site] 00417
5 fstat [call site] 00418
5 __errno_location [call site] 00419
5 file_error [function] [call site] 00420
5 maxoff_t [function] [call site] 00421
5 file_error [function] [call site] 00422
5 mmap [call site] 00423
5 __errno_location [call site] 00424
5 file_error [function] [call site] 00425
5 close [call site] 00426
5 check_buffer [function] [call site] 00427
6 __bswap_32 [function] [call site] 00428
6 file_error [function] [call site] 00429
6 __bswap_32 [function] [call site] 00430
6 file_error [function] [call site] 00431
6 file_error [function] [call site] 00432
6 __bswap_32 [function] [call site] 00433
6 file_error [function] [call site] 00434
6 byteswap [function] [call site] 00435
7 bs1 [function] [call site] 00436
8 __bswap_16 [function] [call site] 00437
8 __bswap_32 [function] [call site] 00438
8 __bswap_32 [function] [call site] 00439
8 __bswap_32 [function] [call site] 00440
8 __bswap_32 [function] [call site] 00441
8 __bswap_32 [function] [call site] 00442
8 __bswap_64 [function] [call site] 00443
8 __bswap_64 [function] [call site] 00444
5 mprotect [call site] 00445
5 __errno_location [call site] 00446
5 file_error [function] [call site] 00447
5 close [call site] 00448
5 apprentice_unmap [function] [call site] 00449
4 file_magwarn [function] [call site] 00450
4 apprentice_load [function] [call site] 00451
4 add_mlist [function] [call site] 00452
5 calloc [call site] 00453
4 apprentice_unmap [function] [call site] 00454
4 mlist_free_all [function] [call site] 00455
5 mlist_free [function] [call site] 00456
4 file_oomem [function] [call site] 00457
4 printf [call site] 00458
4 apprentice_list [function] [call site] 00459
5 file_magic_strength [function] [call site] 00460
5 printf [call site] 00461
4 printf [call site] 00462
4 apprentice_list [function] [call site] 00463
3 mlist_free [function] [call site] 00464
3 file_error [function] [call site] 00465
3 file_error [function] [call site] 00466
1 FuzzerTemporaryFile::filename() const [function] [call site] 00467
1 magic_compile [function] [call site] 00468
2 file_apprentice [function] [call site] 00469
1 magic_close [function] [call site] 00470
2 file_ms_free [function] [call site] 00471
3 mlist_free [function] [call site] 00472
3 freelocale [call site] 00473
1 FuzzerTemporaryFile::~FuzzerTemporaryFile() [function] [call site] 00474
2 fuzzer_release_tmpfile(char*) [function] [call site] 00475
3 unlink [call site] 00476
2 __clang_call_terminate [call site] 00477
3 __cxa_begin_catch [call site] 00478