apply libFuzzer for expr
plusun committed Jun 14, 2018
1 parent ce38c39 commit 237d95e
Showing 4 changed files with 63 additions and 1 deletion.
51 changes: 50 additions & 1 deletion bin/expr/expr.y
Expand Up @@ -46,10 +46,18 @@ __RCSID("$NetBSD: expr.y,v 1.39 2016/09/05 01:00:07 sevan Exp $");
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if ENABLE_FUZZER
#include <stdint.h>
#include <stddef.h>
#endif

static const char * const *av;

static void yyerror(const char *, ...) __dead;
#if !ENABLE_FUZZER
static void yyerror(const char *, ...); __dead;
#else
#define yyerror(...) return 2;
#endif
static int yylex(void);
static int is_zero_or_null(const char *);
static int is_integer(const char *);
Expand Down Expand Up @@ -428,6 +436,7 @@ yylex(void)
/*
* Print error message and exit with error 2 (syntax error).
*/
#if !ENABLE_FUZZER
static __printflike(1, 2) void
yyerror(const char *fmt, ...)
{
Expand All @@ -437,6 +446,45 @@ yyerror(const char *fmt, ...)
verrx(2, fmt, arg);
va_end(arg);
}
#endif

#if ENABLE_FUZZER
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
char *str = (char *)malloc(Size + 1);
char *pre = (char *)malloc(Size + 1);
memcpy(str, Data, Size);
str[Size] = '\0';
memcpy(pre, Data, Size);
pre[Size] = '\0';

// scan Data to get count of words
const char *delim = " \t\n";
char *word = strtok(pre, delim);
size_t count = 0;
while (word) {
count++;
word = strtok(NULL, delim);
}
free(pre);

// generate argv
const char **argv = malloc(sizeof(const char *) * count + 1);
word = strtok(str, delim);
count = 0;
while (word) {
argv[count++] = word;
word = strtok(NULL, delim);
}
free(str);
argv[count] = NULL;

av = argv;
yyparse();
free(argv);
return 0;
}
#else

int
main(int argc, const char * const *argv)
Expand All @@ -455,3 +503,4 @@ main(int argc, const char * const *argv)
exit(yyparse());
/* NOTREACHED */
}
#endif
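Review bot: In `LLVMFuzzerTestOneInput`, `free(str)` runs before `yyparse()` although every `argv[]` entry points into `str`, so the parser reads freed memory and a sanitizer would report the harness rather than expr; move `free(str);` to after `yyparse();`. The allocation `malloc(sizeof(const char *) * count + 1)` adds one byte instead of one slot, so `argv[count] = NULL` writes past the end of the buffer; it should be `malloc(sizeof(*argv) * (count + 1))`. None of the three `malloc` results is checked before use. Separately, the non-fuzzer prototype in the first hunk is rendered as `static void yyerror(const char *, ...); __dead;`, where the extra semicolon detaches `__dead` from the declaration and looks like a typo for `...) __dead;`.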
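--- a/share/mk/bsd.fuzzer.mk
+++ b/share/mk/bsd.fuzzer.mk
@@ -0,0 +1,11 @@
+# $NetBSD$
+
+.if !defined(_BSD_FUZZER_MK)
+_BSD_FUZZER_MK=1
+
+CFLAGS+= -DENABLE_FUZZER -fsanitize=fuzzer-no-link -g -O0
+CXXFLAGS+= -DENABLE_FUZZER -fsanitize=fuzzer-no-link -g -O0
+LDFLAGS+= -DENABLE_FUZZER -fsanitize=fuzzer -g -O0
+
+.endif
+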
1 change: 1 addition & 0 deletions share/mk/bsd.lib.mk
Expand Up @@ -873,5 +873,6 @@ LINKSMODE?= ${LIBMODE}
.include <bsd.dep.mk>
.include <bsd.clang-analyze.mk>
.include <bsd.clean.mk>
.include <bsd.fuzzer.mk>

${TARGETS}: # ensure existence
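Review bot: The `.include <bsd.fuzzer.mk>` added here is unconditional, and bsd.fuzzer.mk appends its flags without testing any build option, so every library (and, through the same line in bsd.prog.mk, every program) would be compiled with `-DENABLE_FUZZER -fsanitize=fuzzer-no-link -g -O0` and linked with `-fsanitize=fuzzer`. That enables the `ENABLE_FUZZER` code paths in ordinary builds; in expr.y this replaces `main` with the fuzz entry point and turns `yyerror` into a bare `return 2;`. Wrap the three `+=` lines in bsd.fuzzer.mk in an opt-in conditional that defaults to off, for example `.if defined(FUZZER_OPT_IN)` (placeholder variable name). `-DENABLE_FUZZER` in `LDFLAGS` is a preprocessor flag and does nothing at link time.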
1 change: 1 addition & 0 deletions share/mk/bsd.prog.mk
Expand Up @@ -696,6 +696,7 @@ LINKSMODE?= ${BINMODE}
.include <bsd.dep.mk>
.include <bsd.clang-analyze.mk>
.include <bsd.clean.mk>
.include <bsd.fuzzer.mk>

${TARGETS}: # ensure existence
