Home | History | Annotate | Download | only in test 
      1 // Simple test for a fuzzer.
      2 // Try to find the target using the indirect caller-callee pairs.
      3 #include <cstdint>
      4 #include <cstdlib>
      5 #include <cstddef>
      6 #include <cstring>
      7 #include <iostream>
      8 
      9 typedef void (*F)();
     10 static F t[256];
     11 
     12 void f34() {
     13   std::cerr << "BINGO\n";
     14   exit(1);
     15 }
     16 void f23() { t[(unsigned)'d'] = f34;}
     17 void f12() { t[(unsigned)'c'] = f23;}
     18 void f01() { t[(unsigned)'b'] = f12;}
     19 void f00() {}
     20 
     21 static F t0[256] = {
     22   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     23   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     24   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     25   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     26   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     27   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     28   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     29   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     30   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     31   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     32   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     33   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     34   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     35   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     36   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     37   f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00, f00,
     38 };
     39 
     40 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
     41   if (Size < 4) return 0;
     42   // Spoof the counters.
     43   for (int i = 0; i < 200; i++) {
     44     f23();
     45     f12();
     46     f01();
     47   }
     48   memcpy(t, t0, sizeof(t));
     49   t[(unsigned)'a'] = f01;
     50   t[Data[0]]();
     51   t[Data[1]]();
     52   t[Data[2]]();
     53   t[Data[3]]();
     54   return 0;
     55 }
     56 
     57