[llvm] r315716 - [llvm-demangle-fuzzer] Add a fuzz target for ItaniumDemangler.

Matt Morehouse via llvm-commits llvm-commits at lists.llvm.org
Fri Oct 13 10:35:37 PDT 2017


Author: morehouse
Date: Fri Oct 13 10:35:37 2017
New Revision: 315716

URL: http://llvm.org/viewvc/llvm-project?rev=315716&view=rev
Log:
[llvm-demangle-fuzzer] Add a fuzz target for ItaniumDemangler.

Patch By: hctim

Reviewers: morehouse, bogner

Reviewed By: bogner

Subscribers: bogner, kcc, llvm-commits, mgorny

Differential Revision: https://reviews.llvm.org/D38855

Added:
    llvm/trunk/tools/llvm-demangle-fuzzer/
    llvm/trunk/tools/llvm-demangle-fuzzer/CMakeLists.txt
    llvm/trunk/tools/llvm-demangle-fuzzer/DummyDemanglerFuzzer.cpp
    llvm/trunk/tools/llvm-demangle-fuzzer/llvm-demangle-fuzzer.cpp
Modified:
    llvm/trunk/docs/FuzzingLLVM.rst

Modified: llvm/trunk/docs/FuzzingLLVM.rst
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/docs/FuzzingLLVM.rst?rev=315716&r1=315715&r2=315716&view=diff
==============================================================================
--- llvm/trunk/docs/FuzzingLLVM.rst (original)
+++ llvm/trunk/docs/FuzzingLLVM.rst Fri Oct 13 10:35:37 2017
@@ -68,6 +68,13 @@ this fuzzer has reported are `on OSS Fuz
 
 __ https://bugs.chromium.org/p/oss-fuzz/issues/list?q=proj-llvm+llvm-dwarfdump-fuzzer
 
+llvm-demangle-fuzzer
+---------------------
+
+A |generic fuzzer| for the Itanium demangler used in various LLVM tools. We've
+fuzzed __cxa_demangle to death, why not fuzz LLVM's implementation of the same
+function!
+
 llvm-isel-fuzzer
 ----------------
 
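Review bot: the last sentence of the new llvm-demangle-fuzzer paragraph is phrased as a question ("why not fuzz LLVM's implementation of the same function!") but ends with an exclamation mark; end it with a question mark. The section underline also looks one dash longer than the title, while the llvm-isel-fuzzer heading below uses an underline of matching length, and __cxa_demangle would be clearer marked up as an inline literal, since it is a function name.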

Added: llvm/trunk/tools/llvm-demangle-fuzzer/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-demangle-fuzzer/CMakeLists.txt?rev=315716&view=auto
==============================================================================
--- llvm/trunk/tools/llvm-demangle-fuzzer/CMakeLists.txt (added)
+++ llvm/trunk/tools/llvm-demangle-fuzzer/CMakeLists.txt Fri Oct 13 10:35:37 2017
@@ -0,0 +1,8 @@
+set(LLVM_LINK_COMPONENTS
+  Demangle
+  FuzzMutate
+)
+
+add_llvm_fuzzer(llvm-demangle-fuzzer
+  llvm-demangle-fuzzer.cpp
+  DUMMY_MAIN DummyDemanglerFuzzer.cpp)
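Review bot: FuzzMutate in LLVM_LINK_COMPONENTS has no documented reason to be there, and llvm-demangle-fuzzer.cpp itself includes only llvm/Demangle/Demangle.h. The dependency comes from the DUMMY_MAIN source, which includes llvm/FuzzMutate/FuzzerCLI.h for runFuzzerOnInputs. A one-line comment above the component list saying so would stop a later cleanup from dropping it as unused.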

Added: llvm/trunk/tools/llvm-demangle-fuzzer/DummyDemanglerFuzzer.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-demangle-fuzzer/DummyDemanglerFuzzer.cpp?rev=315716&view=auto
==============================================================================
--- llvm/trunk/tools/llvm-demangle-fuzzer/DummyDemanglerFuzzer.cpp (added)
+++ llvm/trunk/tools/llvm-demangle-fuzzer/DummyDemanglerFuzzer.cpp Fri Oct 13 10:35:37 2017
@@ -0,0 +1,19 @@
+//===--- DummyDemanglerMain.cpp - Entry point to sanity check the fuzzer --===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+//
+// Implementation of main so we can build and test without linking libFuzzer.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/FuzzMutate/FuzzerCLI.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
+int main(int argc, char *argv[]) {
+  return llvm::runFuzzerOnInputs(argc, argv, LLVMFuzzerTestOneInput);
+}
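Review bot: the banner on the first line names the file DummyDemanglerMain.cpp, but the file being added is DummyDemanglerFuzzer.cpp; make the banner match the file name. The declaration of LLVMFuzzerTestOneInput also uses uint8_t and size_t while the only include is llvm/FuzzMutate/FuzzerCLI.h, so it relies on that header pulling in the definitions. Including <cstdint> and <cstddef> directly, as the fuzz target file does for <cstdint>, would make it self-contained.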

Added: llvm/trunk/tools/llvm-demangle-fuzzer/llvm-demangle-fuzzer.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-demangle-fuzzer/llvm-demangle-fuzzer.cpp?rev=315716&view=auto
==============================================================================
--- llvm/trunk/tools/llvm-demangle-fuzzer/llvm-demangle-fuzzer.cpp (added)
+++ llvm/trunk/tools/llvm-demangle-fuzzer/llvm-demangle-fuzzer.cpp Fri Oct 13 10:35:37 2017
@@ -0,0 +1,24 @@
+//===--- llvm-demangle-fuzzer.cpp - Fuzzer for the Itanium Demangler ------===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/Demangle/Demangle.h"
+
+#include <cstdint>
+#include <cstdlib>
+#include <string>
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  std::string NullTerminatedString((const char *)Data, Size);
+  int status = 0;
+  if (char *demangle = llvm::itaniumDemangle(NullTerminatedString.c_str(), nullptr,
+                                         nullptr, &status))
+    free(demangle);
+
+  return 0;
+}
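Review bot: in LLVMFuzzerTestOneInput, the string is built with the full Size but passed on via c_str(), so the demangler stops at the first NUL byte in Data and everything after it is never parsed. The fuzzer will spend mutations on bytes that cannot affect coverage. Consider returning early when Data contains an embedded NUL, or documenting that truncation is intended. Separately, status is written by itaniumDemangle but never read; either pass nullptr, if the API allows it, or check it against the returned pointer so an inconsistent result (for example, a non-null buffer with a failure status) gets caught. On style, status and demangle should be capitalized like NullTerminatedString, and the line with the itaniumDemangle call runs past 80 columns.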



