1*ee754c2dSkamil //===- FuzzerInterface.h - Interface header for the Fuzzer ------*- C++ -* ===// 2*ee754c2dSkamil // 3*ee754c2dSkamil // The LLVM Compiler Infrastructure 4*ee754c2dSkamil // 5*ee754c2dSkamil // This file is distributed under the University of Illinois Open Source 6*ee754c2dSkamil // License. See LICENSE.TXT for details. 7*ee754c2dSkamil // 8*ee754c2dSkamil //===----------------------------------------------------------------------===// 9*ee754c2dSkamil // Define the interface between libFuzzer and the library being tested. 10*ee754c2dSkamil //===----------------------------------------------------------------------===// 11*ee754c2dSkamil 12*ee754c2dSkamil // NOTE: the libFuzzer interface is thin and in the majority of cases 13*ee754c2dSkamil // you should not include this file into your target. In 95% of cases 14*ee754c2dSkamil // all you need is to define the following function in your file: 15*ee754c2dSkamil // extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); 16*ee754c2dSkamil 17*ee754c2dSkamil // WARNING: keep the interface in C. 18*ee754c2dSkamil 19*ee754c2dSkamil #ifndef LLVM_FUZZER_INTERFACE_H 20*ee754c2dSkamil #define LLVM_FUZZER_INTERFACE_H 21*ee754c2dSkamil 22*ee754c2dSkamil #include <stddef.h> 23*ee754c2dSkamil #include <stdint.h> 24*ee754c2dSkamil 25*ee754c2dSkamil #ifdef __cplusplus 26*ee754c2dSkamil extern "C" { 27*ee754c2dSkamil #endif // __cplusplus 28*ee754c2dSkamil 29*ee754c2dSkamil // Mandatory user-provided target function. 30*ee754c2dSkamil // Executes the code under test with [Data, Data+Size) as the input. 31*ee754c2dSkamil // libFuzzer will invoke this function *many* times with different inputs. 32*ee754c2dSkamil // Must return 0. 33*ee754c2dSkamil __attribute__((visibility("default"))) int 34*ee754c2dSkamil LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); 35*ee754c2dSkamil 36*ee754c2dSkamil // Optional user-provided initialization function. 37*ee754c2dSkamil // If provided, this function will be called by libFuzzer once at startup. 38*ee754c2dSkamil // It may read and modify argc/argv. 39*ee754c2dSkamil // Must return 0. 40*ee754c2dSkamil __attribute__((visibility("default"))) int LLVMFuzzerInitialize(int *argc, 41*ee754c2dSkamil char ***argv); 42*ee754c2dSkamil 43*ee754c2dSkamil // Optional user-provided custom mutator. 44*ee754c2dSkamil // Mutates raw data in [Data, Data+Size) inplace. 45*ee754c2dSkamil // Returns the new size, which is not greater than MaxSize. 46*ee754c2dSkamil // Given the same Seed produces the same mutation. 47*ee754c2dSkamil __attribute__((visibility("default"))) size_t 48*ee754c2dSkamil LLVMFuzzerCustomMutator(uint8_t *Data, size_t Size, size_t MaxSize, 49*ee754c2dSkamil unsigned int Seed); 50*ee754c2dSkamil 51*ee754c2dSkamil // Optional user-provided custom cross-over function. 52*ee754c2dSkamil // Combines pieces of Data1 & Data2 together into Out. 53*ee754c2dSkamil // Returns the new size, which is not greater than MaxOutSize. 54*ee754c2dSkamil // Should produce the same mutation given the same Seed. 55*ee754c2dSkamil __attribute__((visibility("default"))) size_t 56*ee754c2dSkamil LLVMFuzzerCustomCrossOver(const uint8_t *Data1, size_t Size1, 57*ee754c2dSkamil const uint8_t *Data2, size_t Size2, uint8_t *Out, 58*ee754c2dSkamil size_t MaxOutSize, unsigned int Seed); 59*ee754c2dSkamil 60*ee754c2dSkamil // Experimental, may go away in future. 61*ee754c2dSkamil // libFuzzer-provided function to be used inside LLVMFuzzerCustomMutator. 62*ee754c2dSkamil // Mutates raw data in [Data, Data+Size) inplace. 63*ee754c2dSkamil // Returns the new size, which is not greater than MaxSize. 64*ee754c2dSkamil __attribute__((visibility("default"))) size_t 65*ee754c2dSkamil LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize); 66*ee754c2dSkamil 67*ee754c2dSkamil #ifdef __cplusplus 68*ee754c2dSkamil } // extern "C" 69*ee754c2dSkamil #endif // __cplusplus 70*ee754c2dSkamil 71*ee754c2dSkamil #endif // LLVM_FUZZER_INTERFACE_H 72