int main(int argc, char* argv[]) { LLVMFuzzerInitialize(&argc, &argv); if (argc < 2) { return LLVMFuzzerTestOneInput(" ", 1); } else { int nRet = 0; void* buf = NULL; int nLen = 0; FILE* f = fopen(argv[1], "rb"); if (!f) { fprintf(stderr, "%s does not exist.\n", argv[1]); exit(1); } fseek(f, 0, SEEK_END); nLen = (int)ftell(f); fseek(f, 0, SEEK_SET); buf = malloc(nLen); if (!buf) { fprintf(stderr, "malloc failed.\n"); fclose(f); exit(1); } if (fread(buf, nLen, 1, f) != 1) { fprintf(stderr, "fread failed.\n"); fclose(f); free(buf); exit(1); } fclose(f); nRet = LLVMFuzzerTestOneInput(buf, nLen); free(buf); return nRet; } }
int main(int argc, char **argv) { fprintf(stderr, "Running in AFl-fuzz mode\nUsage:\n" "afl-fuzz [afl-flags] %s [N] " "-- run N fuzzing iterations before " "re-spawning the process (default: 1000)\n", argv[0]); if (LLVMFuzzerInitialize) LLVMFuzzerInitialize(&argc, &argv); // Do any other expensive one-time initialization here. maybe_duplicate_stderr(); __afl_manual_init(); int N = 1000; if (argc >= 2) N = atoi(argv[1]); assert(N > 0); while (__afl_persistent_loop(N)) { ssize_t n_read = read(0, AflInputBuf, kMaxAflInputSize); if (n_read > 0) { // Copy AflInputBuf into a separate buffer to let asan find buffer // overflows. Don't use unique_ptr/etc to avoid extra dependencies. uint8_t *copy = new uint8_t[n_read]; memcpy(copy, AflInputBuf, n_read); LLVMFuzzerTestOneInput(copy, n_read); delete[] copy; } } }
int main(int argc, char **argv) { fprintf(stderr, "StandaloneFuzzTargetMain: running %d inputs\n", argc - 1); LLVMFuzzerInitialize(&argc, &argv); for (int i = 1; i < argc; i++) { fprintf(stderr, "Running: %s\n", argv[i]); FILE *f = fopen(argv[i], "r"); assert(f); fseek(f, 0, SEEK_END); size_t len = ftell(f); fseek(f, 0, SEEK_SET); unsigned char *buf = (unsigned char*)malloc(len); size_t n_read = fread(buf, 1, len, f); assert(n_read == len); LLVMFuzzerTestOneInput(buf, len); free(buf); fprintf(stderr, "Done: %s: (%zd bytes)\n", argv[i], n_read); } }