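#include "libhfuzz/fetch.h"

#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

#include "honggfuzz.h"
#include "libhfcommon/common.h"
#include "libhfcommon/files.h"
#include "libhfcommon/log.h"

/*
 * If this signature is visible inside a binary, it's probably a persistent-style fuzzing program.
 * This mode of discovery is employed by honggfuzz
 */
__attribute__((visibility("default"))) __attribute__((used)) const char* LIBHFUZZ_module_fetch =
    _HF_PERSISTENT_SIG;

/* Read-only view of the input file; stays NULL until init() has mapped it successfully. */
static const uint8_t* inputFile = NULL;

/*
 * Constructor: maps _HF_INPUT_MAX_SIZE bytes of _HF_INPUT_FD read-only (MAP_SHARED) and
 * publishes the mapping through inputFile. Does nothing when _HF_INPUT_FD is not an open
 * descriptor.
 */
__attribute__((constructor)) static void init(void) {
    /* EBADF from F_GETFD means nothing is open on _HF_INPUT_FD, so there is no input to map. */
    if (fcntl(_HF_INPUT_FD, F_GETFD) == -1 && errno == EBADF) {
        return;
    }

    void* map = mmap(NULL, _HF_INPUT_MAX_SIZE, PROT_READ, MAP_SHARED, _HF_INPUT_FD, 0);
    if (map == MAP_FAILED) {
        PLOG_F("mmap(fd=%d, size=%zu) of the input file failed", _HF_INPUT_FD,
            (size_t)_HF_INPUT_MAX_SIZE);
        /*
         * NOTE(review): PLOG_F presumably terminates the process - confirm in log.h. Should it
         * ever return, inputFile must stay NULL: MAP_FAILED is a non-NULL value and would make
         * fetchIsInputAvailable() report a usable buffer.
         */
        return;
    }
    inputFile = map;
}

/*
 * Announces readiness on _HF_PERSISTENT_FD, then reads back the length of the next input.
 *
 * buf_ptr: receives the address of the input mapping created by init().
 * len_ptr: receives the number of valid bytes at that address.
 *
 * Write, read and length-validation failures are reported through LOG_F/PLOG_F.
 */
void HonggfuzzFetchData(const uint8_t** buf_ptr, size_t* len_ptr) {
    if (!files_writeToFd(_HF_PERSISTENT_FD, &HFReadyTag, sizeof(HFReadyTag))) {
        LOG_F("writeToFd(size=%zu, readyTag) failed", sizeof(HFReadyTag));
    }

    /* Zero-initialised so a short read can never expose an indeterminate length. */
    uint64_t rcvLen = 0;
    ssize_t sz = files_readFromFd(_HF_PERSISTENT_FD, (uint8_t*)&rcvLen, sizeof(rcvLen));
    if (sz == -1) {
        PLOG_F("readFromFd(fd=%d, size=%zu) failed", _HF_PERSISTENT_FD, sizeof(rcvLen));
    }
    if (sz != (ssize_t)sizeof(rcvLen)) {
        LOG_F("readFromFd(fd=%d, size=%zu) failed, received=%zd bytes", _HF_PERSISTENT_FD,
            sizeof(rcvLen), sz);
    }

    /*
     * The length arrives over the persistent-mode descriptor and is handed to the fuzz target
     * as the size of a buffer that is only _HF_INPUT_MAX_SIZE bytes long. Reject anything
     * larger before it becomes an out-of-bounds read in the target (or is silently truncated
     * by the size_t cast where size_t is narrower than 64 bits).
     */
    if (rcvLen > (uint64_t)_HF_INPUT_MAX_SIZE) {
        LOG_F("Received input length=%" PRIu64 " exceeds the mapped size=%zu", rcvLen,
            (size_t)_HF_INPUT_MAX_SIZE);
        /* Only reached if LOG_F returns: keep the reported length inside the mapping. */
        rcvLen = (uint64_t)_HF_INPUT_MAX_SIZE;
    }

    *buf_ptr = inputFile;
    *len_ptr = (size_t)rcvLen;
}

/* Returns true once init() has mapped the input file, i.e. inputFile is non-NULL. */
bool fetchIsInputAvailable(void) {
    LOG_D("Current module: %s", LIBHFUZZ_module_fetch);
    return (inputFile != NULL);
}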