[llvm] 82ef888 - [Bitcode] Add fuzzer for bitcode reading

Nikita Popov via llvm-commits llvm-commits at lists.llvm.org
Mon Feb 7 01:24:48 PST 2022


Author: Nikita Popov
Date: 2022-02-07T10:24:39+01:00
New Revision: 82ef888fbf3a19c80b042c483fe939d93d187f1d

URL: https://github.com/llvm/llvm-project/commit/82ef888fbf3a19c80b042c483fe939d93d187f1d
DIFF: https://github.com/llvm/llvm-project/commit/82ef888fbf3a19c80b042c483fe939d93d187f1d.diff

LOG: [Bitcode] Add fuzzer for bitcode reading

Inspired by the discussion on D118694, this adds a straightforward
fuzzer for bitcode reading. Currently it will very quickly run into
OOM, because we do unconditional vector reservations with
user-provided sizes.

Added: 
    llvm/tools/llvm-dis-fuzzer/CMakeLists.txt
    llvm/tools/llvm-dis-fuzzer/llvm-dis-fuzzer.cpp

Modified: 
    

Removed: 
    


################################################################################
diff  --git a/llvm/tools/llvm-dis-fuzzer/CMakeLists.txt b/llvm/tools/llvm-dis-fuzzer/CMakeLists.txt
new file mode 100644
index 0000000000000..4b0b80e2f7582
--- /dev/null
+++ b/llvm/tools/llvm-dis-fuzzer/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(LLVM_LINK_COMPONENTS
+  BitReader
+)
+add_llvm_fuzzer(llvm-dis-fuzzer
+  llvm-dis-fuzzer.cpp
+  )
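
Review bot: LLVM_LINK_COMPONENTS names only BitReader, but llvm-dis-fuzzer.cpp in this same patch uses LLVMContext and MemoryBuffer directly, so the link relies on what BitReader pulls in transitively. Consider listing Core and Support here as well. A smaller style point: the parenthesis closing add_llvm_fuzzer( is indented by two spaces while the one closing set( sits at column zero; use one form for both.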

diff  --git a/llvm/tools/llvm-dis-fuzzer/llvm-dis-fuzzer.cpp b/llvm/tools/llvm-dis-fuzzer/llvm-dis-fuzzer.cpp
new file mode 100644
index 0000000000000..78eb5fcb238e9
--- /dev/null
+++ b/llvm/tools/llvm-dis-fuzzer/llvm-dis-fuzzer.cpp
@@ -0,0 +1,26 @@
+//===-- llvm-dis-fuzzer.cpp - Fuzzer for llvm-dis using lib/Fuzzer --------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+// Fuzzer for LLVM bitcode reading.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/Bitcode/BitcodeReader.h"
+#include "llvm/Support/MemoryBuffer.h"
+
+using namespace llvm;
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  LLVMContext Context;
+  auto Buffer = MemoryBuffer::getMemBuffer(
+      StringRef(reinterpret_cast<const char *>(Data), Size), "Fuzzer input",
+      /*RequiresNullTerminator=*/false);
+  consumeError(
+      parseBitcodeFile(Buffer->getMemBufferRef(), Context).takeError());
+  return 0;
+}
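
Review bot: LLVMFuzzerTestOneInput uses LLVMContext, consumeError, uint8_t and size_t, but the file includes only llvm/Bitcode/BitcodeReader.h and llvm/Support/MemoryBuffer.h, so it compiles through transitive includes. Include llvm/IR/LLVMContext.h, llvm/Support/Error.h, <cstdint> and <cstddef> directly. The file comment could also record the limitation stated in the commit message (the reader reserves vectors using sizes taken from the input, so runs hit OOM quickly), so that someone triaging the first reports knows those are expected until the reservations are bounded. The banner line says "Fuzzer for llvm-dis", while the body only calls parseBitcodeFile and never prints the module; "Fuzzer for bitcode reading" would describe it more accurately.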


        

