[compiler-rt] r331951 - [libFuzzer] add a simple puzzle that is difficult for today's libFuzzer

[Kostya Serebryany via llvm-commits]

Author: kcc
Date: Wed May  9 19:02:41 2018
New Revision: 331951

URL: http://llvm.org/viewvc/llvm-project?rev=331951&view=rev
Log:
[libFuzzer] add a simple puzzle that is difficult for today's libFuzzer

Added:
    compiler-rt/trunk/test/fuzzer/OnlySomeBytesTest.cpp

Added: compiler-rt/trunk/test/fuzzer/OnlySomeBytesTest.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/fuzzer/OnlySomeBytesTest.cpp?rev=331951&view=auto
==============================================================================
--- compiler-rt/trunk/test/fuzzer/OnlySomeBytesTest.cpp (added)
+++ compiler-rt/trunk/test/fuzzer/OnlySomeBytesTest.cpp Wed May  9 19:02:41 2018
@@ -0,0 +1,34 @@
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+
+// Find ABCxxFxUxZxxx... (2048+ bytes, 'x' is any byte)
+#include <assert.h>
+#include <cstddef>
+#include <cstdint>
+#include <cstdlib>
+#include <cstring>
+#include <cstdio>
+
+const size_t N = 2048;
+typedef const uint8_t *IN;
+
+__attribute__((noinline)) void bad() {
+  fprintf(stderr, "BINGO\n");
+  abort();
+}
+
+__attribute__((noinline)) void f0(IN in) {
+  uint32_t x = in[5] + 251 * in[7] + 251 * 251 * in[9];
+  if (x == 'F' + 251 * 'U' + 251 * 251 * 'Z')
+    bad();
+}
+
+__attribute__((noinline)) void fC(IN in) { if (in[2] == 'C') f0(in); }
+__attribute__((noinline)) void fB(IN in) { if (in[1] == 'B') fC(in); }
+__attribute__((noinline)) void fA(IN in) { if (in[0] == 'A') fB(in); }
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  if (Size < N) return 0;
+  fA((IN)Data);
+  return 0;
+}