1 //===-- get_error_info_fuzzer.cpp -----------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #define SCUDO_FUZZ 10 #include "allocator_config.h" 11 #include "combined.h" 12 13 #include <fuzzer/FuzzedDataProvider.h> 14 15 #include <string> 16 #include <vector> 17 18 extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) { 19 using AllocatorT = scudo::Allocator<scudo::AndroidConfig>; 20 FuzzedDataProvider FDP(Data, Size); 21 22 uintptr_t FaultAddr = FDP.ConsumeIntegral<uintptr_t>(); 23 uintptr_t MemoryAddr = FDP.ConsumeIntegral<uintptr_t>(); 24 25 std::string MemoryAndTags = 26 FDP.ConsumeRandomLengthString(FDP.remaining_bytes()); 27 const char *Memory = MemoryAndTags.c_str(); 28 // Assume 16-byte alignment. 29 size_t MemorySize = (MemoryAndTags.length() / 17) * 16; 30 const char *MemoryTags = Memory + MemorySize; 31 32 std::string StackDepotBytes = 33 FDP.ConsumeRandomLengthString(FDP.remaining_bytes()); 34 std::vector<char> StackDepot(sizeof(scudo::StackDepot), 0); 35 for (size_t i = 0; i < StackDepotBytes.length() && i < StackDepot.size(); 36 ++i) { 37 StackDepot[i] = StackDepotBytes[i]; 38 } 39 40 std::string RegionInfoBytes = FDP.ConsumeRemainingBytesAsString(); 41 std::vector<char> RegionInfo(AllocatorT::getRegionInfoArraySize(), 0); 42 for (size_t i = 0; i < RegionInfoBytes.length() && i < RegionInfo.size(); 43 ++i) { 44 RegionInfo[i] = RegionInfoBytes[i]; 45 } 46 47 scudo_error_info ErrorInfo; 48 AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepot.data(), 49 RegionInfo.data(), Memory, MemoryTags, MemoryAddr, 50 MemorySize); 51 return 0; 52 } 53