libfuzzer/fuzztarget

Search:
Group by:
Source   Edit  

NOTE: the libFuzzer interface is thin and in the majority of cases all you need is to define the procedure testOneInput in your file.

Procs

proc customCrossOver(data1: ptr UncheckedArray[byte]; len1: int;
                     data2: ptr UncheckedArray[byte]; len2: int;
                     res: ptr UncheckedArray[byte]; maxResLen: int; seed: int64): int {.
    exportc: "LLVMFuzzerCustomCrossOver", ...raises: [], tags: [], forbids: [].}
Optional user-provided custom cross-over procedure. Combines pieces of data1 & data2 together into res. Returns the new length, which is not greater than maxResLen. Should produce the same mutation given the same seed. Source   Edit   
proc customMutator(data: ptr UncheckedArray[byte]; len, maxLen: int; seed: int64): int {.
    exportc: "LLVMFuzzerCustomMutator", ...raises: [], tags: [], forbids: [].}
Optional user-provided custom mutator. Mutates raw data in data[0..<len] inplace. Returns the new length, which is not greater than maxLen. Given the same seed produces the same mutation. Source   Edit   
proc initialize(): cint {.exportc: "LLVMFuzzerInitialize", ...raises: [], tags: [],
                          forbids: [].}
Initialize Nim's internals, which is done calling a NimMain function. Source   Edit   
proc mutate(data: ptr UncheckedArray[byte]; len, maxLen: int): int {.
    importc: "LLVMFuzzerMutate", ...raises: [], tags: [], forbids: [].}
Experimental, may go away in future. libFuzzer-provided procedure to be used inside customMutator. Mutates raw data in data[0..<len] inplace. Returns the new length, which is not greater than maxLen. Source   Edit   
proc standaloneFuzzTarget() {....raises: [IOError, ValueError],
                              tags: [WriteIOEffect, ReadIOEffect], forbids: [].}

Standalone main procedure for fuzz targets.

Use -d:fuzzSa to call standaloneFuzzTarget to provide reproducers for bugs when linking against libFuzzer is undesirable.

Source   Edit   
proc testOneInput(data: ptr UncheckedArray[byte]; len: int): cint {.
    exportc: "LLVMFuzzerTestOneInput", ...raises: [], tags: [], forbids: [].}
Mandatory user-provided target procedure. Executes the code under test with data as the input. libFuzzer will invoke this procedure many times with different inputs. Must return 0. Source   Edit  

Made with Nim. Generated: 2023-02-11 19:13:10 UTC