mirrors/llvm-project
0
0
Fork 0
mirror of https://github.com/llvm/llvm-project.git synced 2025-04-28 10:16:06 +00:00
Code Issues Projects Releases Wiki Activity
llvm-project/compiler-rt/test/fuzzer/KeepSeedTest.cpp
Dokyung Song 62673c430d [libFuzzer] Add an option to keep initial seed inputs around. 
This patch adds an option "keep_seed" to keep all initial seed inputs in the
corpus. Previously, only the initial seed inputs that find new coverage were
added to the corpus, and all the other initial inputs were discarded. We
observed in some circumstances that useful initial seed inputs are discarded as
they find no new coverage, even though they contain useful fragments in them
(e.g., SQLITE3 FuzzBench benchmark). This newly added option provides a way to
keeping seed inputs in the corpus for those circumstances. With this patch, and
with -keep_seed=1, all initial seed inputs are kept in the corpus regardless of
whether they find new coverage or not. Further, these seed inputs are not
replaced with smaller inputs even if -reduce_inputs=1.

Differential Revision: https://reviews.llvm.org/D86577
2020-09-03 15:54:39 +00:00

38 lines
1.3 KiB
C++
Raw Blame History

// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// Test whether the fuzzer can find "SELECT FROM WHERE", given a seed input
// "SELECTxFROMxWHERE". Without -keep_seed=1, it takes longer time to trigger
// find the desired string, because the seed input is more likely to be reduced
// to a prefix of the given input first, losing useful fragments towards the end
// of the seed input.
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>
static volatile int Sink = 0;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
if (Size > 17)
return 0;
if (Size >= 6 && Data[0] == 'S' && Data[1] == 'E' && Data[2] == 'L' &&
Data[3] == 'E' && Data[4] == 'C' && Data[5] == 'T') {
if (Size >= 7 && Data[6] == ' ') {
if (Size >= 11 && Data[7] == 'F' && Data[8] == 'R' && Data[9] == 'O' &&
Data[10] == 'M') {
if (Size >= 12 && Data[11] == ' ') {
if (Size >= 17 && Data[12] == 'W' && Data[13] == 'H' &&
Data[14] == 'E' && Data[15] == 'R' && Data[16] == 'E') {
fprintf(stderr, "BINGO; Found the target, exiting.\n");
exit(1);
}
}
}
}
}
return 0;
}
Reference in New Issue View Git Blame Copy Permalink