From 60d71dc20c5f9bb95e0b963ab6fb19212eb441a9 Mon Sep 17 00:00:00 2001
From: Max Dymond
Date: Fri, 28 Jun 2019 22:19:27 +0100
Subject: [PATCH] Write a simple decompress target as well
---
ossfuzz/Makefile | 7 ++++---
ossfuzz/decompress_fuzzer.cc | 28 ++++++++++++++++++++++++++++
ossfuzz/ossfuzz.sh | 4 ++--
3 files changed, 34 insertions(+), 5 deletions(-)
create mode 100644 ossfuzz/decompress_fuzzer.cc
diff --git a/ossfuzz/Makefile b/ossfuzz/Makefile
index 2a7e439..1e7679b 100644
--- a/ossfuzz/Makefile
+++ b/ossfuzz/Makefile
@@ -21,7 +21,8 @@ # - LZ4 homepage : http://www.lz4.org # - LZ4 source repository : https://github.com/lz4/lz4 # ########################################################################## -# lz4_fuzzer : OSS Fuzz test tool +# compress_fuzzer : OSS Fuzz test tool +# decompress_fuzzer : OSS Fuzz test tool # ########################################################################## LZ4DIR := ../lib
@@ -44,8 +45,8 @@ $(LZ4DIR)/liblz4.a: %.o: %.cc $(CXX) -c $(CXXFLAGS) $(CPPFLAGS) $< -o $@ -.PHONY: compress_fuzzer -compress_fuzzer: compress_fuzzer.o $(LZ4DIR)/liblz4.a +# Generic rule for generating fuzzers +%_fuzzer: %_fuzzer.o $(LZ4DIR)/liblz4.a # Compile the standalone code just in case. The OSS-Fuzz code might # override the LIB_FUZZING_ENGINE value to "-fsanitize=fuzzer" $(CXX) -c $(CXXFLAGS) $(CPPFLAGS) standaloneengine.cc -o standaloneengine.o
diff --git a/ossfuzz/decompress_fuzzer.cc b/ossfuzz/decompress_fuzzer.cc
new file mode 100644
index 0000000..594a5af
--- /dev/null
+++ b/ossfuzz/decompress_fuzzer.cc
@@ -0,0 +1,28 @@
+#include
+#include
+#include
+#include "lz4.h"
+
+#define CHECK(COND) if (!(COND)) { abort(); }
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ size_t const buffer_size = 10 * 1024 * 1024;
+ char *const dest_buffer = (char *)malloc(buffer_size);
+
+ if (dest_buffer != NULL)
+ {
+ // Allocation succeeded, try decompressing the incoming data.
+ int result = LZ4_decompress_safe((const char*)data,
+ dest_buffer,
+ size,
+ buffer_size);
+
+ // Ignore the result of decompression.
+ (void)result;
+
+ free(dest_buffer);
+ }
+
+ return 0;
+}
diff --git a/ossfuzz/ossfuzz.sh b/ossfuzz/ossfuzz.sh
index 87bc213..a76b0d6 100755
--- a/ossfuzz/ossfuzz.sh
+++ b/ossfuzz/ossfuzz.sh
@@ -16,8 +16,8 @@ echo "OUT: $OUT" export MAKEFLAGS+="-j$(nproc)" pushd ossfuzz -make V=1 compress_fuzzer +make V=1 compress_fuzzer decompress_fuzzer popd # Copy the fuzzers to the target directory. -cp -v ossfuzz/compress_fuzzer $OUT/ +cp -v ossfuzz/compress_fuzzer ossfuzz/decompress_fuzzer $OUT/
--
2.7.4
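Review bot: The destination buffer in LLVMFuzzerTestOneInput is always 10 MiB, so the `dstCapacity` limit of LZ4_decompress_safe is almost never reached. The sanitizer redzone then sits far past where a typical input's output ends, and an overrun close to the capacity boundary would probably go unnoticed. Allocating a capacity derived from the input (small, and sometimes smaller than the decoded size) would put the boundary where the decoder actually writes. The CHECK macro is defined but never used and the return value is discarded; replacing `(void)result;` with `CHECK(result <= (int)buffer_size);` would turn an out-of-range return into a crash the fuzzer reports. `size` is a size_t passed to an int parameter, so an explicit `(int)size` with a comment on the assumed input cap would make the narrowing visible.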
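Review bot: Asking for both targets in one `make V=1 compress_fuzzer decompress_fuzzer` call while MAKEFLAGS carries `-j$(nproc)` lets the two `%_fuzzer` recipes run at the same time, and the recipe shown in the Makefile hunk recompiles standaloneengine.cc into the same standaloneengine.o on every run. One instance may therefore rewrite the object while the other is still using it; whether it is linked depends on LIB_FUZZING_ENGINE and on the rest of the recipe, which is outside the hunk. Listing the object as a prerequisite, `%_fuzzer: %_fuzzer.o standaloneengine.o $(LZ4DIR)/liblz4.a`, and dropping the compile line from the recipe would let the existing `%.o: %.cc` rule build it once. Separately, the `cp -v` line expands `$OUT` unquoted; `"$OUT"/` keeps the copy correct if the path ever contains spaces.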