1 : #if !FD_HAS_HOSTED
2 : #error "This target requires FD_HAS_HOSTED"
3 : #endif
4 :
5 : #include "../../util/sanitize/fd_fuzz.h"
6 : #include "fd_sbpf_loader.h"
7 :
8 : #include <stdlib.h>
9 :
10 :
/* Zero-terminated list of 32-bit syscall IDs that the fuzz target
   registers with fd_sbpf_syscalls_insert before every program load.

   NOTE(review): the values look like hashes of syscall names; confirm
   against the loader's syscall registry.  The final 0U is the sentinel
   the registration loop stops on, so an ID of 0 cannot be listed. */

uint const _syscalls[] = {
  0xb6fc1a11, 0x686093bb, 0x207559bd,
  0x5c2a3178, 0x52ba5096, 0x7ef088ca,
  0x9377323c, 0x48504a38, 0x11f49d86,
  0xd7793abb, 0x17e40350, 0x174c5122,
  0xaa2607ca, 0xdd1c41a6, 0xd56b5fe9,
  0x23a29a61, 0x3b97b73c, 0xbf7188f6,
  0x717cc4a3, 0x434371f8, 0x5fdcde31,
  0x3770fb22, 0xa22b9c85, 0xd7449092,
  0x83f00e8f, 0xa226d3eb, 0x5d2245e4,
  0x7317b434, 0xadb8efc8, 0x85532d94,
  0U /* sentinel, must stay last */
};
20 :
21 :
/* LLVMFuzzerInitialize is the one-time start-up hook of the fuzz
   target.  It puts FD_LOG_BACKTRACE=0 into the environment, boots the
   runtime with the fuzzer's command line and registers fd_halt to run
   at process exit.  Always returns 0.

   argc/argv are handed to fd_boot as-is.  The return value of putenv is
   not checked. */

int
LLVMFuzzerInitialize( int *    argc,
                      char *** argv ) {

  /* Per the original author: set up the shell without signal handlers.
     The variable is placed in the environment before fd_boot is called. */
  putenv( "FD_LOG_BACKTRACE=0" );

  fd_boot( argc, argv );

  /* Pair the boot above with a halt when the process exits */
  atexit( fd_halt );

  return 0;
}
31 :
/* LLVMFuzzerTestOneInput runs one fuzzer-supplied buffer through the
   sBPF ELF loader: peek at the ELF, allocate the loader objects,
   register the syscall IDs from _syscalls, attempt the load, and free
   everything again.

   data/size describe the untrusted input and are passed unmodified to
   fd_sbpf_elf_peek and fd_sbpf_program_load.

   Returns -1 if fd_sbpf_elf_peek rejects the input (libFuzzer treats a
   -1 return as "do not add this input to the corpus") and 0 otherwise,
   whatever the outcome of the load.  A failed FD_TEST means one of the
   harness's own allocation / construction steps failed, not that the
   loader mis-parsed the input. */

int
LLVMFuzzerTestOneInput( uchar const * data,
                        ulong         size ) {

  /* Inputs that do not pass the peek never reach the loader proper */
  fd_sbpf_elf_info_t elf_info;
  if( FD_UNLIKELY( !fd_sbpf_elf_peek( &elf_info, data, size, 0 ) ) )
    return -1;

  /* Allocate objects.  Every buffer comes from the libc heap and is
     sized from what the peek / footprint helpers report.
     NOTE(review): presumably this is so a sanitizer build can flag any
     loader write outside those sizes -- confirm.
     NOTE(review): malloc may return NULL for a zero-byte request; if
     rodata_footprint can be 0 the FD_TEST below would abort the harness
     without a loader bug -- confirm the peek never reports 0. */

  void * rodata_buf = malloc( elf_info.rodata_footprint );
  FD_TEST( rodata_buf );

  void *              prog_mem = aligned_alloc( fd_sbpf_program_align(), fd_sbpf_program_footprint( &elf_info ) );
  fd_sbpf_program_t * program  = fd_sbpf_program_new( prog_mem, &elf_info, rodata_buf );
  FD_TEST( program );

  void *               syscalls_mem = aligned_alloc( fd_sbpf_syscalls_align(), fd_sbpf_syscalls_footprint() );
  fd_sbpf_syscalls_t * syscall_tbl  = fd_sbpf_syscalls_new( syscalls_mem );
  FD_TEST( syscall_tbl );

  /* Register every ID up to (not including) the 0 sentinel.  The result
     of each insert is not inspected. */
  uint const * id = _syscalls;
  while( *id ) {
    fd_sbpf_syscalls_insert( syscall_tbl, *id );
    id++;
  }

  /* Load program */
  int load_rc = fd_sbpf_program_load( program, data, size, syscall_tbl, 0 );

  /* Each outcome (zero and non-zero result) has its own coverage
     marker: the corpus should contain at least one program that loads
     and at least one that does not. */
  if( FD_UNLIKELY( !load_rc ) ) {
    FD_FUZZ_MUST_BE_COVERED;
  } else {
    FD_FUZZ_MUST_BE_COVERED;
  }

  /* Clean up: each delete hands back the memory region that is then
     passed to free */
  free( rodata_buf );
  free( fd_sbpf_syscalls_delete( syscall_tbl ) );
  free( fd_sbpf_program_delete( program ) );

  return 0;
}