tests/fuzz/dictionary_loader.c

*3117ece4Schristos/*
*3117ece4Schristos * Copyright (c) Meta Platforms, Inc. and affiliates.
*3117ece4Schristos * All rights reserved.
*3117ece4Schristos *
*3117ece4Schristos * This source code is licensed under both the BSD-style license (found in the
*3117ece4Schristos * LICENSE file in the root directory of this source tree) and the GPLv2 (found
*3117ece4Schristos * in the COPYING file in the root directory of this source tree).
*3117ece4Schristos * You may select, at your option, one of the above-listed licenses.
*3117ece4Schristos */
*3117ece4Schristos
*3117ece4Schristos/**
*3117ece4Schristos * This fuzz target makes sure that whenever a compression dictionary can be
*3117ece4Schristos * loaded, the data can be round tripped.
*3117ece4Schristos */
*3117ece4Schristos
*3117ece4Schristos#include <stddef.h>
*3117ece4Schristos#include <stdlib.h>
*3117ece4Schristos#include <stdio.h>
*3117ece4Schristos#include <string.h>
*3117ece4Schristos#include "fuzz_helpers.h"
*3117ece4Schristos#include "zstd_helpers.h"
*3117ece4Schristos#include "fuzz_data_producer.h"
*3117ece4Schristos#include "fuzz_third_party_seq_prod.h"
*3117ece4Schristos
*3117ece4Schristos/**
*3117ece4Schristos * Compresses the data and returns the compressed size or an error.
*3117ece4Schristos */
*3117ece4Schristosstatic size_t compress(void* compressed, size_t compressedCapacity,
*3117ece4Schristos                       void const* source, size_t sourceSize,
*3117ece4Schristos                       void const* dict, size_t dictSize,
*3117ece4Schristos                       ZSTD_dictLoadMethod_e dictLoadMethod,
*3117ece4Schristos                       ZSTD_dictContentType_e dictContentType,
*3117ece4Schristos                       int const refPrefix)
*3117ece4Schristos{
*3117ece4Schristos    ZSTD_CCtx* cctx = ZSTD_createCCtx();
*3117ece4Schristos    if (refPrefix)
*3117ece4Schristos        FUZZ_ZASSERT(ZSTD_CCtx_refPrefix_advanced(
*3117ece4Schristos            cctx, dict, dictSize, dictContentType));
*3117ece4Schristos    else
*3117ece4Schristos        FUZZ_ZASSERT(ZSTD_CCtx_loadDictionary_advanced(
*3117ece4Schristos            cctx, dict, dictSize, dictLoadMethod, dictContentType));
*3117ece4Schristos    size_t const compressedSize = ZSTD_compress2(
*3117ece4Schristos            cctx, compressed, compressedCapacity, source, sourceSize);
*3117ece4Schristos    ZSTD_freeCCtx(cctx);
*3117ece4Schristos    return compressedSize;
*3117ece4Schristos}
*3117ece4Schristos
*3117ece4Schristosstatic size_t decompress(void* result, size_t resultCapacity,
*3117ece4Schristos                         void const* compressed, size_t compressedSize,
*3117ece4Schristos                         void const* dict, size_t dictSize,
*3117ece4Schristos                       ZSTD_dictLoadMethod_e dictLoadMethod,
*3117ece4Schristos                         ZSTD_dictContentType_e dictContentType,
*3117ece4Schristos                         int const refPrefix)
*3117ece4Schristos{
*3117ece4Schristos    ZSTD_DCtx* dctx = ZSTD_createDCtx();
*3117ece4Schristos    if (refPrefix)
*3117ece4Schristos        FUZZ_ZASSERT(ZSTD_DCtx_refPrefix_advanced(
*3117ece4Schristos            dctx, dict, dictSize, dictContentType));
*3117ece4Schristos    else
*3117ece4Schristos        FUZZ_ZASSERT(ZSTD_DCtx_loadDictionary_advanced(
*3117ece4Schristos            dctx, dict, dictSize, dictLoadMethod, dictContentType));
*3117ece4Schristos    size_t const resultSize = ZSTD_decompressDCtx(
*3117ece4Schristos            dctx, result, resultCapacity, compressed, compressedSize);
*3117ece4Schristos    FUZZ_ZASSERT(resultSize);
*3117ece4Schristos    ZSTD_freeDCtx(dctx);
*3117ece4Schristos    return resultSize;
*3117ece4Schristos}
*3117ece4Schristos
*3117ece4Schristosint LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
*3117ece4Schristos{
*3117ece4Schristos    FUZZ_SEQ_PROD_SETUP();
*3117ece4Schristos    FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size);
*3117ece4Schristos    int const refPrefix = FUZZ_dataProducer_uint32Range(producer, 0, 1) != 0;
*3117ece4Schristos    ZSTD_dictLoadMethod_e const dlm =
*3117ece4Schristos    size = FUZZ_dataProducer_uint32Range(producer, 0, 1);
*3117ece4Schristos    ZSTD_dictContentType_e const dct =
*3117ece4Schristos            FUZZ_dataProducer_uint32Range(producer, 0, 2);
*3117ece4Schristos    size = FUZZ_dataProducer_remainingBytes(producer);
*3117ece4Schristos
*3117ece4Schristos    DEBUGLOG(2, "Dict load method %d", dlm);
*3117ece4Schristos    DEBUGLOG(2, "Dict content type %d", dct);
*3117ece4Schristos    DEBUGLOG(2, "Dict size %u", (unsigned)size);
*3117ece4Schristos
*3117ece4Schristos    void* const rBuf = FUZZ_malloc(size);
*3117ece4Schristos    size_t const cBufSize = ZSTD_compressBound(size);
*3117ece4Schristos    void* const cBuf = FUZZ_malloc(cBufSize);
*3117ece4Schristos
*3117ece4Schristos    size_t const cSize =
*3117ece4Schristos            compress(cBuf, cBufSize, src, size, src, size, dlm, dct, refPrefix);
*3117ece4Schristos    /* compression failing is okay */
*3117ece4Schristos    if (ZSTD_isError(cSize)) {
*3117ece4Schristos      FUZZ_ASSERT_MSG(dct != ZSTD_dct_rawContent, "Raw must always succeed!");
*3117ece4Schristos      goto out;
*3117ece4Schristos    }
*3117ece4Schristos    size_t const rSize =
*3117ece4Schristos            decompress(rBuf, size, cBuf, cSize, src, size, dlm, dct, refPrefix);
*3117ece4Schristos    FUZZ_ASSERT_MSG(rSize == size, "Incorrect regenerated size");
*3117ece4Schristos    FUZZ_ASSERT_MSG(!FUZZ_memcmp(src, rBuf, size), "Corruption!");
*3117ece4Schristos
*3117ece4Schristosout:
*3117ece4Schristos    free(cBuf);
*3117ece4Schristos    free(rBuf);
*3117ece4Schristos    FUZZ_dataProducer_free(producer);
*3117ece4Schristos    FUZZ_SEQ_PROD_TEARDOWN();
*3117ece4Schristos    return 0;
*3117ece4Schristos}