Doomhowl-Interactive/llvm-project
0
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
main
llvm-project/libc/fuzzing/string/strnlen_s_differential_fuzz.cpp
Victor Campos e455e6c9ec [libc] Add Annex K strnlen_s function (#186112) 
This patch adds the `strnlen_s` function from Annex K.

In order to reduce duplication between `strnlen` and `strnlen_s`, the
common logic has been extracted to a new internal function which both
now call.

In addition to the function definition, the patch adds a unit test and a
fuzzing test.
2026-04-13 13:10:27 +01:00

60 lines
1.9 KiB
C++
Raw Permalink Blame History

//===-- strnlen_s_differential_fuzz.cpp -----------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
///
/// Differential fuzz test for llvm-libc strnlen_s implementation.
///
//===----------------------------------------------------------------------===//
#define __STDC_WANT_LIB_EXT1__ 1
#include "src/string/strnlen_s.h"
#include <stdint.h>
#include <string.h>
extern "C" size_t LLVMFuzzerMutate(uint8_t *data, size_t size, size_t max_size);
extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *data, size_t size,
size_t max_size,
unsigned int /*seed*/) {
// The buffer is constructed as follows:
// data = max_len (size_t) + null-terminated string
if (max_size < sizeof(size_t) + 1)
return size;
do {
size = LLVMFuzzerMutate(data, size, max_size);
} while (size < sizeof(size_t) + 1);
data[size - 1] = '\0';
return size;
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (size < sizeof(size_t) + 1)
return 0;
size_t max_len;
::memcpy(&max_len, data, sizeof(size_t));
data += sizeof(size_t);
// If Annex K is not available in the system's C library, we compare against
// strnlen instead. We can assume this is valid because in the case where the
// input string is not null, the two functions must have identical semantics.
#ifdef __STDC_LIB_EXT1__
size_t ref = ::strnlen_s(reinterpret_cast<const char *>(data), max_len);
#else
size_t ref = ::strnlen(reinterpret_cast<const char *>(data), max_len);
#endif
size_t impl =
LIBC_NAMESPACE::strnlen_s(reinterpret_cast<const char *>(data), max_len);
if (ref != impl)
__builtin_trap();
return 0;
}
Reference in New Issue View Git Blame Copy Permalink