[libc-commits] [libc] [libc] Add fuzzers for `memcpy` and `memset` (PR #90591)
Clement Courbet via libc-commits
libc-commits at lists.llvm.org
Tue Apr 30 07:13:55 PDT 2024
================
@@ -0,0 +1,56 @@
+//===-- memcpy_fuzz.cpp ---------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+///
+/// Fuzzing test for llvm-libc memcpy implementation.
+///
+//===----------------------------------------------------------------------===//
+#include "protected_pages.h"
+#include "src/string/memcpy.h"
+#include <stddef.h> // size_t
+#include <stdint.h> // uint8_t
+#include <stdlib.h> // rand
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t data_size) {
+ static constexpr size_t MAX_SIZE = 1024;
+ static ProtectedPages pages;
+ static const Page write_buffer = pages.GetPageA().WithAccess(PROT_WRITE);
+ static const Page read_buffer = [&]() {
+ // We fetch page B in write mode.
+ auto page = pages.GetPageB().WithAccess(PROT_WRITE);
+ // And fill it with random numbers.
+ for (size_t i = 0; i < page.page_size; ++i)
+ page.page_ptr[i] = rand();
+ // Then return it in read mode.
+ return page.WithAccess(PROT_READ);
+ }();
+ // We fill 'size' with data coming from lib_fuzzer, this limits exploration to
----------------
legrosbuffle wrote:
Same comment here: we have only 1024 different values, why not use an exhaustive loop ?
https://github.com/llvm/llvm-project/pull/90591
More information about the libc-commits
mailing list