LCOV - code coverage report
Current view: top level - ballet/sbpf - fuzz_sbpf_loader.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 28 30 93.3 %
Date: 2025-01-08 12:08:44 Functions: 2 2 100.0 % 

          Line data    Source code
       1             : #if !FD_HAS_HOSTED
       2             : #error "This target requires FD_HAS_HOSTED"
       3             : #endif
       4             : 
       5             : #include "../../util/sanitize/fd_fuzz.h"
       6             : #include "fd_sbpf_loader.h"
       7             : 
       8             : #include <stdlib.h>
       9             : 
      10             : 
      11             : uint const _syscalls[] = {
      12             :   0xb6fc1a11, 0x686093bb, 0x207559bd, 0x5c2a3178, 0x52ba5096,
      13             :   0x7ef088ca, 0x9377323c, 0x48504a38, 0x11f49d86, 0xd7793abb,
      14             :   0x17e40350, 0x174c5122, 0xaa2607ca, 0xdd1c41a6, 0xd56b5fe9,
      15             :   0x23a29a61, 0x3b97b73c, 0xbf7188f6, 0x717cc4a3, 0x434371f8,
      16             :   0x5fdcde31, 0x3770fb22, 0xa22b9c85, 0xd7449092, 0x83f00e8f,
      17             :   0xa226d3eb, 0x5d2245e4, 0x7317b434, 0xadb8efc8, 0x85532d94,
      18             :   0U
      19             : };
      20             : 
      21             : 
      22             : int
      23             : LLVMFuzzerInitialize( int  *   argc,
      24          18 :                       char *** argv ) {
      25             :   /* Set up shell without signal handlers */
      26          18 :   putenv( "FD_LOG_BACKTRACE=0" );
      27          18 :   fd_boot( argc, argv );
      28          18 :   atexit( fd_halt );
      29          18 :   fd_log_level_core_set(3); /* crash on warning log */
      30          18 :   return 0;
      31          18 : }
      32             : 
      33             : int
      34             : LLVMFuzzerTestOneInput( uchar const * data,
      35          63 :                         ulong         size ) {
      36             : 
      37          63 :   fd_sbpf_elf_info_t info;
      38          63 :   if( FD_UNLIKELY( !fd_sbpf_elf_peek( &info, data, size, 0, FD_SBPF_V0, FD_SBPF_V3 ) ) )
      39          33 :     return -1;
      40             : 
      41             :   /* Allocate objects */
      42             : 
      43          30 :   void * rodata = malloc( info.rodata_footprint );
      44          30 :   FD_TEST( rodata );
      45             : 
      46          30 :   fd_sbpf_program_t * prog = fd_sbpf_program_new( aligned_alloc( fd_sbpf_program_align(), fd_sbpf_program_footprint( &info ) ), &info, rodata );
      47          30 :   FD_TEST( prog );
      48             : 
      49          30 :   fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_new( aligned_alloc( fd_sbpf_syscalls_align(), fd_sbpf_syscalls_footprint() ) );
      50          30 :   FD_TEST( syscalls );
      51             : 
      52         930 :   for( uint const * x = _syscalls; *x; x++ )
      53         900 :     fd_sbpf_syscalls_insert( syscalls, *x );
      54             : 
      55             :   /* Load program */
      56          30 :   int res = fd_sbpf_program_load( prog, data, size, syscalls, 0 );
      57             : 
      58             :   /* Should be able to load at least one program and not load at least one program */
      59          30 :   if ( FD_UNLIKELY( !res ) ) {
      60          30 :     FD_FUZZ_MUST_BE_COVERED;
      61          30 :   } else {
      62           0 :     FD_FUZZ_MUST_BE_COVERED;
      63           0 :   }
      64             : 
      65             :   /* Clean up */
      66          30 :   free( rodata );
      67          30 :   free( fd_sbpf_syscalls_delete( syscalls ) );
      68          30 :   free( fd_sbpf_program_delete( prog ) );
      69             : 
      70          30 :   return 0;
      71          30 : }

Generated by: LCOV version 1.14