Diffstat (limited to 'tools/fuzzing/interface/FuzzingInterface.cpp')
-rw-r--r--tools/fuzzing/interface/FuzzingInterface.cpp39
1 files changed, 39 insertions, 0 deletions
diff --git a/tools/fuzzing/interface/FuzzingInterface.cpp b/tools/fuzzing/interface/FuzzingInterface.cpp
index f06ca68656..ba932c4b2a 100644
--- a/tools/fuzzing/interface/FuzzingInterface.cpp
+++ b/tools/fuzzing/interface/FuzzingInterface.cpp
@@ -28,3 +28,42 @@ LazyLogModule gFuzzingLog("nsFuzzing");
#endif
} // namespace mozilla
+
+#ifdef AFLFUZZ
+__AFL_FUZZ_INIT();
+
+int afl_interface_raw(FuzzingTestFuncRaw testFunc) {
+ __AFL_INIT();
+ char* testFilePtr = getenv("MOZ_FUZZ_TESTFILE");
+ uint8_t* buf = NULL;
+
+ if (testFilePtr) {
+ std::string testFile(testFilePtr);
+ while (__AFL_LOOP(1000)) {
+ std::ifstream is;
+ is.open(testFile, std::ios::binary);
+ is.seekg(0, std::ios::end);
+ size_t len = is.tellg();
+ is.seekg(0, std::ios::beg);
+ MOZ_RELEASE_ASSERT(len >= 0);
+ if (!len) {
+ is.close();
+ continue;
+ }
+ buf = reinterpret_cast<uint8_t*>(realloc(buf, len));
+ MOZ_RELEASE_ASSERT(buf);
+ is.read(reinterpret_cast<char*>(buf), len);
+ is.close();
+ testFunc(buf, len);
+ }
+ } else {
+ buf = __AFL_FUZZ_TESTCASE_BUF;
+ while (__AFL_LOOP(1000)) {
+ size_t len = __AFL_FUZZ_TESTCASE_LEN;
+ testFunc(buf, len);
+ }
+ }
+
+ return 0;
+}
+#endif // AFLFUZZ
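Review bot: In the `MOZ_FUZZ_TESTFILE` branch, `size_t len = is.tellg();` stores the stream position in an unsigned type, so `MOZ_RELEASE_ASSERT(len >= 0)` is always true and cannot catch the -1 that `tellg()` returns when the file failed to open or seek. That failure is converted to a huge length and is only caught indirectly, when `realloc` fails and `MOZ_RELEASE_ASSERT(buf)` fires, which looks like an out-of-memory crash in the target rather than a harness I/O error. The result of `is.read` is also unchecked, so a short read would hand `testFunc` leftover bytes from the previous iteration and make findings hard to reproduce. I would keep the position in a signed `std::streamoff`, assert on the open and on that value, and compare `is.gcount()` with `len` before calling `testFunc`, as sketched below. Separately, `buf` from `realloc` is never freed before `return 0;`, which is probably harmless for a process that exits but will show up under leak checkers.

```cpp
std::ifstream is(testFile, std::ios::binary);
MOZ_RELEASE_ASSERT(is.is_open());
is.seekg(0, std::ios::end);
const std::streamoff pos = is.tellg();
MOZ_RELEASE_ASSERT(pos >= 0);
const size_t len = static_cast<size_t>(pos);
is.seekg(0, std::ios::beg);
// … unchanged: empty-file skip, realloc and MOZ_RELEASE_ASSERT(buf) …
is.read(reinterpret_cast<char*>(buf), len);
MOZ_RELEASE_ASSERT(static_cast<size_t>(is.gcount()) == len);
// … unchanged: is.close() and testFunc(buf, len) …
```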