1//===-- get_error_info_fuzzer.cpp -----------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#define SCUDO_FUZZ
10#include "allocator_config.h"
11#include "combined.h"
12#include "common.h"
13
14#include <fuzzer/FuzzedDataProvider.h>
15
16#include <string>
17#include <vector>
18
19extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) {
20 using AllocatorT = scudo::Allocator<scudo::AndroidConfig>;
21 FuzzedDataProvider FDP(Data, Size);
22
23 uintptr_t FaultAddr = FDP.ConsumeIntegral<uintptr_t>();
24 uintptr_t MemoryAddr = FDP.ConsumeIntegral<uintptr_t>();
25
26 std::string MemoryAndTags =
27 FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
28 const char *Memory = MemoryAndTags.c_str();
29 // Assume 16-byte alignment.
30 size_t MemorySize = (MemoryAndTags.length() / 17) * 16;
31 const char *MemoryTags = Memory + MemorySize;
32
33 std::string StackDepotBytes =
34 FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
35
36 std::string RegionInfoBytes =
37 FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
38 std::vector<char> RegionInfo(AllocatorT::getRegionInfoArraySize(), 0);
39 for (size_t i = 0; i < RegionInfoBytes.length() && i < RegionInfo.size();
40 ++i) {
41 RegionInfo[i] = RegionInfoBytes[i];
42 }
43
44 std::string RingBufferBytes = FDP.ConsumeRemainingBytesAsString();
45
46 scudo_error_info ErrorInfo;
47 AllocatorT::getErrorInfo(ErrorInfo: &ErrorInfo, FaultAddr, DepotPtr: StackDepotBytes.data(),
48 DepotSize: StackDepotBytes.size(), RegionInfoPtr: RegionInfo.data(),
49 RingBufferPtr: RingBufferBytes.data(), RingBufferSize: RingBufferBytes.size(),
50 Memory, MemoryTags, MemoryAddr, MemorySize);
51 return 0;
52}
53

source code of compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp