commit-graph, fuzz: add fuzzer for commit-graph

Break load_commit_graph_one() into a new function, parse_commit_graph(). The latter function operates on arbitrary buffers, which makes it suitable as a fuzzing target. Since parse_commit_graph() is only called by load_commit_graph_one() (and the fuzzer described below), we omit error messages that would be duplicated by the caller. Adds fuzz-commit-graph.c, which provides a fuzzing entry point compatible with libFuzzer (and possibly other fuzzing engines). Signed-off-by: Josh Steadmon <steadmon@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Josh Steadmon <steadmon@google.com> 2019-01-15 14:25:50 -0800
committer: Junio C Hamano <gitster@pobox.com> 2019-01-15 20:31:49 -0800
commit: aa658574bfcbe03f5703458ac10be1ef3f5f5472 (patch)
tree: b8841623f51f1013b9207a53b199f3f0b557b56b /fuzz-commit-graph.c
parent: 77556354bb7ac50450e3b28999e3576969869068 (diff)
download: git-aa658574bfcbe03f5703458ac10be1ef3f5f5472.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/fuzz-commit-graph.c b/fuzz-commit-graph.c
new file mode 100644
index 0000000000..cf790c9d04
--- /dev/null
+++ b/fuzz-commit-graph.c
@@ -0,0 +1,16 @@
+#include "commit-graph.h"
+
+struct commit_graph *parse_commit_graph(void *graph_map, int fd,
+					size_t graph_size);
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+	struct commit_graph *g;
+
+	g = parse_commit_graph((void *)data, -1, size);
+	free(g);
+
+	return 0;
+}
author	Josh Steadmon <steadmon@google.com>	2019-01-15 14:25:50 -0800
committer	Junio C Hamano <gitster@pobox.com>	2019-01-15 20:31:49 -0800
commit	aa658574bfcbe03f5703458ac10be1ef3f5f5472 (patch)
tree	b8841623f51f1013b9207a53b199f3f0b557b56b /fuzz-commit-graph.c
parent	77556354bb7ac50450e3b28999e3576969869068 (diff)
download	git-aa658574bfcbe03f5703458ac10be1ef3f5f5472.tar.gz