1 //===-- get_error_info_fuzzer.cpp -----------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #define SCUDO_FUZZ 10 #include "allocator_config.h" 11 #include "combined.h" 12 13 #include <fuzzer/FuzzedDataProvider.h> 14 15 #include <string> 16 #include <vector> 17 18 extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) { 19 using AllocatorT = scudo::Allocator<scudo::AndroidConfig>; 20 FuzzedDataProvider FDP(Data, Size); 21 22 uintptr_t FaultAddr = FDP.ConsumeIntegral<uintptr_t>(); 23 uintptr_t MemoryAddr = FDP.ConsumeIntegral<uintptr_t>(); 24 25 std::string MemoryAndTags = FDP.ConsumeRandomLengthString(FDP.remaining_bytes()); 26 const char *Memory = MemoryAndTags.c_str(); 27 // Assume 16-byte alignment. 28 size_t MemorySize = (MemoryAndTags.length() / 17) * 16; 29 const char *MemoryTags = Memory + MemorySize; 30 31 std::string StackDepotBytes = FDP.ConsumeRandomLengthString(FDP.remaining_bytes()); 32 std::vector<char> StackDepot(sizeof(scudo::StackDepot), 0); 33 for (size_t i = 0; i < StackDepotBytes.length() && i < StackDepot.size(); ++i) { 34 StackDepot[i] = StackDepotBytes[i]; 35 } 36 37 std::string RegionInfoBytes = FDP.ConsumeRemainingBytesAsString(); 38 std::vector<char> RegionInfo(AllocatorT::getRegionInfoArraySize(), 0); 39 for (size_t i = 0; i < RegionInfoBytes.length() && i < RegionInfo.size(); ++i) { 40 RegionInfo[i] = RegionInfoBytes[i]; 41 } 42 43 scudo_error_info ErrorInfo; 44 AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepot.data(), 45 RegionInfo.data(), Memory, MemoryTags, MemoryAddr, 46 MemorySize); 47 return 0; 48 } 49