AuroraMiddleware/lz4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Seperating the seed generation and use

Browse Source
This commit is contained in:
Bimba Shrestha 2019-09-13 14:07:52 -07:00
parent 7d153a704d
commit 208694297a
10 changed files with 68 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ossfuzz/compress_frame_fuzzer.c
View File

@ -19,8 +19,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, LZ4_compressBound(size)); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, LZ4_compressBound(size));
LZ4F_preferences_t const prefs = FUZZ_dataProducer_preferences(producer); LZ4F_preferences_t const prefs = FUZZ_dataProducer_preferences(producer);
size_t const compressBound = LZ4F_compressFrameBound(size, &prefs); size_t const compressBound = LZ4F_compressFrameBound(FUZZ_dataProducer_remainingBytes(producer), &prefs);
size_t const dstCapacity = FUZZ_dataProducer_uint32(producer, 0, compressBound); size_t const dstCapacitySeed = FUZZ_dataProducer_uint32_seed(producer, 0, compressBound);
size_t const dstCapacity = FUZZ_dataProducer_uint32(dstCapacitySeed,
0, FUZZ_dataProducer_remainingBytes(producer));
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(size);

5
ossfuzz/compress_fuzzer.c
View File

@ -16,8 +16,9 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const dstCapacity = FUZZ_dataProducer_uint32( size_t const dstCapacitySeed = FUZZ_dataProducer_uint32_seed(producer, 0, LZ4_compressBound(size));
producer, 0, LZ4_compressBound(size)); size_t const dstCapacity = FUZZ_dataProducer_uint32(dstCapacitySeed,
0, LZ4_compressBound(FUZZ_dataProducer_remainingBytes(producer)));
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(size);

12
ossfuzz/compress_hc_fuzzer.c
View File

@ -17,12 +17,16 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const dstCapacity = FUZZ_dataProducer_uint32( size_t const dstCapacitySeed = FUZZ_dataProducer_uint32_seed(producer,
producer, 0, LZ4_compressBound(size)); 0, LZ4_compressBound(size));
size_t const levelSeed = FUZZ_dataProducer_uint32_seed(producer,
LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX);
size_t const dstCapacity = FUZZ_dataProducer_uint32(dstCapacitySeed,
0, FUZZ_dataProducer_remainingBytes(producer));
int const level = FUZZ_dataProducer_uint32(
levelSeed, LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX);
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(size);
int const level = FUZZ_dataProducer_uint32(
producer, LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX);
/* Restrict to remaining data from producer */ /* Restrict to remaining data from producer */
size = FUZZ_dataProducer_remainingBytes(producer); size = FUZZ_dataProducer_remainingBytes(producer);

10
ossfuzz/decompress_frame_fuzzer.c
View File

@ -31,11 +31,15 @@ static void decompress(LZ4F_dctx* dctx, void* dst, size_t dstCapacity,
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const dstCapacity = FUZZ_dataProducer_uint32( size_t const dstCapacitySeed = FUZZ_dataProducer_uint32_seed(producer,
producer, 0, 4 * size); 0, 4 * size);
size_t const largeDictSize = 64 * 1024; size_t const largeDictSize = 64 * 1024;
size_t const dictSizeSeed = FUZZ_dataProducer_uint32_seed(producer,
0, largeDictSize);
size_t const dstCapacity = FUZZ_dataProducer_uint32(
dstCapacitySeed, 0, 4 * FUZZ_dataProducer_remainingBytes(producer));
size_t const dictSize = FUZZ_dataProducer_uint32( size_t const dictSize = FUZZ_dataProducer_uint32(
producer, 0, largeDictSize); dictSizeSeed, 0, largeDictSize);
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const dict = (char*)malloc(dictSize); char* const dict = (char*)malloc(dictSize);
LZ4F_decompressOptions_t opts; LZ4F_decompressOptions_t opts;

5
ossfuzz/decompress_fuzzer.c
View File

@ -15,8 +15,9 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const dstCapacity = FUZZ_dataProducer_uint32( size_t const dstCapacitySeed = FUZZ_dataProducer_uint32_seed(producer, 0, 4 * size);
producer, 0, 4 * size); size_t const dstCapacity = FUZZ_dataProducer_uint32(dstCapacitySeed,
0, 4 * FUZZ_dataProducer_remainingBytes(producer));
size_t const smallDictSize = size + 1; size_t const smallDictSize = size + 1;
size_t const largeDictSize = 64 * 1024 - 1; size_t const largeDictSize = 64 * 1024 - 1;
size_t const dictSize = MAX(smallDictSize, largeDictSize); size_t const dictSize = MAX(smallDictSize, largeDictSize);

36
ossfuzz/fuzz_data_producer.c
View File

@ -17,7 +17,7 @@ FUZZ_dataProducer_t *FUZZ_dataProducer_create(const uint8_t *data, size_t size)
void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer) { free(producer); } void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer) { free(producer); }
uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer, uint32_t min, uint32_t FUZZ_dataProducer_uint32_seed(FUZZ_dataProducer_t *producer, uint32_t min,
uint32_t max) { uint32_t max) {
FUZZ_ASSERT(min <= max); FUZZ_ASSERT(min <= max);
@ -32,24 +32,36 @@ uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer, uint32_t min,
rolling >>= 8; rolling >>= 8;
} }
if (range == 0xffffffff) { return result;
return result; }
}
return min + result % (range + 1); uint32_t FUZZ_dataProducer_uint32(uint32_t seed, uint32_t min, uint32_t max)
{
uint32_t range = max - min;
if (range == 0xffffffff) {
return seed;
}
return min + seed % (range + 1);
}
uint32_t FUZZ_dataProducer_uint32NonAdaptive(FUZZ_dataProducer_t* producer,
uint32_t min, uint32_t max)
{
size_t const seed = FUZZ_dataProducer_uint32_seed(producer, min, max);
return FUZZ_dataProducer_uint32(seed, min, max);
} }
LZ4F_frameInfo_t FUZZ_dataProducer_frameInfo(FUZZ_dataProducer_t* producer) LZ4F_frameInfo_t FUZZ_dataProducer_frameInfo(FUZZ_dataProducer_t* producer)
{ {
LZ4F_frameInfo_t info = LZ4F_INIT_FRAMEINFO; LZ4F_frameInfo_t info = LZ4F_INIT_FRAMEINFO;
info.blockSizeID = FUZZ_dataProducer_uint32(producer, LZ4F_max64KB - 1, LZ4F_max4MB); info.blockSizeID = FUZZ_dataProducer_uint32NonAdaptive(producer, LZ4F_max64KB - 1, LZ4F_max4MB);
if (info.blockSizeID < LZ4F_max64KB) { if (info.blockSizeID < LZ4F_max64KB) {
info.blockSizeID = LZ4F_default; info.blockSizeID = LZ4F_default;
} }
info.blockMode = FUZZ_dataProducer_uint32(producer, LZ4F_blockLinked, LZ4F_blockIndependent); info.blockMode = FUZZ_dataProducer_uint32NonAdaptive(producer, LZ4F_blockLinked, LZ4F_blockIndependent);
info.contentChecksumFlag = FUZZ_dataProducer_uint32(producer, LZ4F_noContentChecksum, info.contentChecksumFlag = FUZZ_dataProducer_uint32NonAdaptive(producer, LZ4F_noContentChecksum,
LZ4F_contentChecksumEnabled); LZ4F_contentChecksumEnabled);
info.blockChecksumFlag = FUZZ_dataProducer_uint32(producer, LZ4F_noBlockChecksum, info.blockChecksumFlag = FUZZ_dataProducer_uint32NonAdaptive(producer, LZ4F_noBlockChecksum,
LZ4F_blockChecksumEnabled); LZ4F_blockChecksumEnabled);
return info; return info;
} }
@ -58,9 +70,9 @@ LZ4F_preferences_t FUZZ_dataProducer_preferences(FUZZ_dataProducer_t* producer)
{ {
LZ4F_preferences_t prefs = LZ4F_INIT_PREFERENCES; LZ4F_preferences_t prefs = LZ4F_INIT_PREFERENCES;
prefs.frameInfo = FUZZ_dataProducer_frameInfo(producer); prefs.frameInfo = FUZZ_dataProducer_frameInfo(producer);
prefs.compressionLevel = FUZZ_dataProducer_uint32(producer, 0, LZ4HC_CLEVEL_MAX + 3) - 3; prefs.compressionLevel = FUZZ_dataProducer_uint32NonAdaptive(producer, 0, LZ4HC_CLEVEL_MAX + 3) - 3;
prefs.autoFlush = FUZZ_dataProducer_uint32(producer, 0, 1); prefs.autoFlush = FUZZ_dataProducer_uint32NonAdaptive(producer, 0, 1);
prefs.favorDecSpeed = FUZZ_dataProducer_uint32(producer, 0, 1); prefs.favorDecSpeed = FUZZ_dataProducer_uint32NonAdaptive(producer, 0, 1);
return prefs; return prefs;
} }

9
ossfuzz/fuzz_data_producer.h
View File

@ -16,8 +16,15 @@ FUZZ_dataProducer_t *FUZZ_dataProducer_create(const uint8_t *data, size_t size);
/* Frees the data producer */ /* Frees the data producer */
void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer); void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer);
/* Returns a seed value for the function after this one to consume */
uint32_t FUZZ_dataProducer_uint32_seed(FUZZ_dataProducer_t *producer, uint32_t min,
uint32_t max);
/* Returns value between [min, max] */ /* Returns value between [min, max] */
uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer, uint32_t min, uint32_t FUZZ_dataProducer_uint32(uint32_t seed, uint32_t min, uint32_t max);
/* Combination of above two functions for non adaptive use cases. ie where size is not involved */
uint32_t FUZZ_dataProducer_uint32NonAdaptive(FUZZ_dataProducer_t *producer, uint32_t min,
uint32_t max); uint32_t max);
/* Returns lz4 preferences */ /* Returns lz4 preferences */

7
ossfuzz/round_trip_frame_fuzzer.c
View File

@ -16,11 +16,12 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t* producer = FUZZ_dataProducer_create(data, LZ4_compressBound(size)); FUZZ_dataProducer_t* producer = FUZZ_dataProducer_create(data, size);
LZ4F_preferences_t const prefs = FUZZ_dataProducer_preferences(producer); LZ4F_preferences_t const prefs = FUZZ_dataProducer_preferences(producer);
size_t const dstCapacity = LZ4F_compressFrameBound(size, &prefs); size_t const dstCapacity = LZ4F_compressFrameBound(
LZ4_compressBound(FUZZ_dataProducer_remainingBytes(producer)), &prefs);
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(FUZZ_dataProducer_remainingBytes(producer));
FUZZ_ASSERT(dst); FUZZ_ASSERT(dst);
FUZZ_ASSERT(rt); FUZZ_ASSERT(rt);

4
ossfuzz/round_trip_fuzzer.c
View File

@ -15,7 +15,9 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const partialCapacity = FUZZ_dataProducer_uint32(producer, 0, size); size_t const partialCapacitySeed = FUZZ_dataProducer_uint32_seed(producer, 0, size);
size_t const partialCapacity = FUZZ_dataProducer_uint32(partialCapacitySeed,
0, FUZZ_dataProducer_remainingBytes(producer));
size_t const dstCapacity = LZ4_compressBound(size); size_t const dstCapacity = LZ4_compressBound(size);
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(size);

7
ossfuzz/round_trip_hc_fuzzer.c
View File

@ -16,11 +16,12 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size); FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
size_t const dstCapacity = LZ4_compressBound(size); int const level = FUZZ_dataProducer_uint32NonAdaptive(producer,
LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX);
size_t const dstCapacity = LZ4_compressBound(
FUZZ_dataProducer_remainingBytes(producer));
char* const dst = (char*)malloc(dstCapacity); char* const dst = (char*)malloc(dstCapacity);
char* const rt = (char*)malloc(size); char* const rt = (char*)malloc(size);
int const level = FUZZ_dataProducer_uint32(
producer, LZ4HC_CLEVEL_MIN, LZ4HC_CLEVEL_MAX);
/* Restrict to remaining data from producer */ /* Restrict to remaining data from producer */
size = FUZZ_dataProducer_remainingBytes(producer); size = FUZZ_dataProducer_remainingBytes(producer);