diff options
| author | Allen Webb <allenwebb@google.com> | 2018-08-21 12:11:38 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2018-12-03 12:43:22 -0800 |
| commit | a5e1a639e55d1c6382b4d690c6b78f6f85e8fbc9 (patch) | |
| tree | 04ea72cd9750bc6b3e792550f7fd9515186a3636 /fuzz/span.h | |
| parent | b343c963b38b03df97a1bc57f201e26640c89e47 (diff) | |
| download | chrome-ec-a5e1a639e55d1c6382b4d690c6b78f6f85e8fbc9.tar.gz | |
cr50_fuzz: Add libprotobuf-mutator support.
This uses protocol buffers to model what actions can be taken with
pinweaver at a higher level of abstraction than the raw requests to
greatly increase the coverage that can be achieved by fuzzing, while
still allowing for invalid inputs to be checked.
BRANCH=none
BUG=chromium:876582
TEST=sudo emerge libprotobuf-mutator &&
make -j buildfuzztests && ./build/host/cr50_fuzz/cr50_fuzz.exe
Change-Id: Ie7ce569650ca06866f277f36eae61df2684de60c
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1184107
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Diffstat (limited to 'fuzz/span.h')
| -rw-r--r-- | fuzz/span.h | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/fuzz/span.h b/fuzz/span.h new file mode 100644 index 0000000000..531df832a3 --- /dev/null +++ b/fuzz/span.h @@ -0,0 +1,56 @@ +// Copyright 2018 The Chromium OS Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef __FUZZ_SPAN_H +#define __FUZZ_SPAN_H + +#include <unistd.h> + +#include <algorithm> + +namespace fuzz { + +template <typename T> +class span { + public: + typedef T value_type; + + constexpr span() : span<T>(nullptr, nullptr) {} + constexpr span(T* begin, size_t size) : begin_(begin), end_(begin + size) {} + constexpr span(T* begin, T* end) : begin_(begin), end_(end) {} + + template <class Container> + constexpr span(Container& container) + : begin_(container.begin()), end_(container.end()){}; + + constexpr T* begin() const { return begin_; } + constexpr T* end() const { return end_; } + + constexpr T* data() const { return begin_; } + + constexpr bool empty() const { return begin_ == end_; } + constexpr size_t size() const { return end_ - begin_; } + + private: + T* begin_; + T* end_; +}; + +template <typename Source, typename Destination> +size_t CopyWithPadding(Source source, + Destination destination, + typename Destination::value_type fill_value) { + if (source.size() >= destination.size()) { + std::copy(source.begin(), source.begin() + destination.size(), + destination.begin()); + return destination.size(); + } + std::copy(source.begin(), source.end(), destination.begin()); + std::fill(destination.begin() + source.size(), destination.end(), fill_value); + return source.size(); +} + +} // namespace fuzz + +#endif // __FUZZ_SPAN_H |