[libFuzzer] add a simple puzzle that is difficult for today's libFuzzer

author Kostya Serebryany <kcc@google.com>

Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)

committer Kostya Serebryany <kcc@google.com>

Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)
author Kostya Serebryany <kcc@google.com>
Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)
committer Kostya Serebryany <kcc@google.com>
Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)
diff --git a/compiler-rt/test/fuzzer/OnlySomeBytesTest.cpp b/compiler-rt/test/fuzzer/OnlySomeBytesTest.cpp

new file mode 100644 (file)

index 0000000..05793f0
--- /dev/null
+++ b/compiler-rt/test/fuzzer/OnlySomeBytesTest.cpp
@@ -0,0 +1,34 @@
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+
+// Find ABCxxFxUxZxxx... (2048+ bytes, 'x' is any byte)
+#include <assert.h>
+#include <cstddef>
+#include <cstdint>
+#include <cstdlib>
+#include <cstring>
+#include <cstdio>
+
+const size_t N = 2048;
+typedef const uint8_t *IN;
+
+__attribute__((noinline)) void bad() {
+  fprintf(stderr, "BINGO\n");
+  abort();
+}
+
+__attribute__((noinline)) void f0(IN in) {
+  uint32_t x = in[5] + 251 * in[7] + 251 * 251 * in[9];
+  if (x == 'F' + 251 * 'U' + 251 * 251 * 'Z')
+    bad();
+}
+
+__attribute__((noinline)) void fC(IN in) { if (in[2] == 'C') f0(in); }
+__attribute__((noinline)) void fB(IN in) { if (in[1] == 'B') fC(in); }
+__attribute__((noinline)) void fA(IN in) { if (in[0] == 'A') fB(in); }
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  if (Size < N) return 0;
+  fA((IN)Data);
+  return 0;
+}
author	Kostya Serebryany <kcc@google.com>
	Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)
committer	Kostya Serebryany <kcc@google.com>
	Thu, 10 May 2018 02:02:41 +0000 (02:02 +0000)