LCOV - code coverage report
Current view: top level - waltz/resolv - fuzz_dn_expand.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 7 7 100.0 %
Date: 2025-07-01 05:00:49 Functions: 1 1 100.0 % 

          Line data    Source code
       1             : #include "../../util/fd_util.h"
       2             : #include "fd_lookup.h"
       3             : 
       4             : #include <assert.h>
       5             : #include <stdlib.h>
       6             : 
       7             : /* This function is hidden by default */
       8             : int
       9             : fd_dn_expand( uchar const *base,
      10             :               uchar const *end,
      11             :               uchar const *src,
      12             :               char *dest,
      13             :               int space );
      14             : 
      15             : int
      16             : LLVMFuzzerInitialize( int *argc,
      17          15 :                       char ***argv ) {
      18             :   /* Set up shell without signal handlers */
      19          15 :   putenv( "FD_LOG_BACKTRACE=0" );
      20          15 :   fd_boot( argc, argv );
      21          15 :   (void) atexit( fd_halt );
      22          15 :   fd_log_level_core_set( 1 ); /* crash on info log */
      23          15 :   return 0;
      24          15 : }
      25             : 
      26             : 
      27             : int
      28             : LLVMFuzzerTestOneInput( uchar const *data,
      29             :                         ulong        size ) {
      30             :   char tmp[256] = {0};
      31             : 
      32             :   /* Need at least two bytes for the offset plus one byte of data */
      33             :   if( FD_UNLIKELY( size<3 )) {
      34             :     return 1;
      35             :   }
      36             : 
      37             :   /* First two bytes pick an offset inside the packet to start
      38             :      expansion from.  The modulo arithmetic ensures we never read past
      39             :      the end of the provided buffer. */
      40             :   ushort offset = (ushort) (((ushort) data[ 0 ] | (ushort) (data[ 1 ] << 8)) % (ushort) (size-2UL));
      41             : 
      42             :   int ret = fd_dn_expand( data+2, data+size, /* base/end */
      43             :                           data+offset,       /* src      */
      44             :                           tmp, sizeof(tmp));
      45             : 
      46             :   FD_TEST((ret == -1) || (ret > 0 && ret <= (int) size));
      47             :   if( ret>0 ) {
      48             :     FD_TEST( tmp[ sizeof(tmp)-1 ]=='\0' );
      49             :     FD_TEST( strlen( tmp )<sizeof(tmp));
      50             :   }
      51             : 
      52             :   return 0;
      53             : }

Generated by: LCOV version 1.14