
Commit 2679fa1

committed
Provide a wrapper over LLVMFuzzerTestOneInput
This wrapper serves two purposes: 1) It converts from strictly C types to Rust types and also safeguards from unwinding over the FFI boundary; 2) It may end up providing a stabler interface over LLVMWhateverWhatnot symbol.
1 parent 5ed8d0a commit 2679fa1


2 files changed

+19
-4
lines changed


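--- a/README.md
+++ b/README.md
@@ -20,10 +20,9 @@ $ cat src/main.rs
 #![no_main]
 extern crate fuzzer_sys;
 
-#[export_name="LLVMFuzzerTestOneInput"]
-pub extern fn go(data: *const u8, size: isize) -> i32 {
-// fuzzed code goes here
-0
+#[export_name="rust_fuzzer_test_input"]
+pub extern fn go(data: &[u8]) {
+// code to be fuzzed goes here
 }
 
 $ cargo rustc -- -C passes='sancov' -C llvm-args='-sanitizer-coverage-level=3' -Z sanitizer=address -Cpanic=abort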

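--- a/src/lib.rs
+++ b/src/lib.rs
@@ -0,0 +1,16 @@
+#![feature(process_abort)]
+
+extern "C" {
+#![allow(improper_ctypes)] // we do not actually cross the FFI bound here
+
+fn rust_fuzzer_test_input(input: &[u8]);
+}
+
+#[export_name="LLVMFuzzerTestOneInput"]
+pub fn test_input_wrap(data: *const u8, size: usize) -> i32 {
+::std::panic::catch_unwind(|| unsafe {
+let data_slice = ::std::slice::from_raw_parts(data, size);
+rust_fuzzer_test_input(data_slice);
+}).err().map(|_| ::std::process::abort());
+0
+}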
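Review bot: `test_input_wrap` is exported as `LLVMFuzzerTestOneInput` but declared as a plain `pub fn`, so it has the Rust ABI while the fuzzer driver calls that symbol through the C ABI; declare it `pub extern "C" fn test_input_wrap(data: *const u8, size: usize) -> i32`. `slice::from_raw_parts` also requires a non-null, aligned pointer even when `size` is 0, and the driver may pass a null `data` for an empty input (not visible on this page, worth confirming), so guard it with something like `let data_slice = if data.is_null() { &[][..] } else { ::std::slice::from_raw_parts(data, size) };`. The `unsafe` block should carry a `// SAFETY:` comment stating that the driver guarantees `data` points to `size` readable bytes for the duration of the call. Note too that the `extern "C"` declaration passes a `&[u8]` fat pointer, whose C-ABI layout is not guaranteed, so the `improper_ctypes` allowance relies on both sides being compiled by the same rustc.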
