infix/fuzz__helpers_8h_source.html

#pragma once

#include "common/infix_internals.h"

#include <infix/infix.h>

#include <stdbool.h>

#include <stddef.h>

#include <stdint.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>


#define MAX_RECURSION_DEPTH 32

#define MAX_MEMBERS 16

#define MAX_ARRAY_ELEMENTS 128

#define MAX_TYPES_IN_POOL 16

#define MAX_ARGS_IN_SIGNATURE 16

#define MAX_TOTAL_FUZZ_FIELDS 256


typedef struct {

    const uint8_t * data;

    size_t size;

} fuzzer_input;


static inline const uint8_t * consume_bytes(fuzzer_input * in, size_t n) {

    if (in->size < n)

        return NULL;

    const uint8_t * ptr = in->data;

    in->data += n;

    in->size -= n;

    return ptr;

}


#define DEFINE_CONSUME_T(type)                                         \

    static inline bool consume_##type(fuzzer_input * in, type * out) { \

        const uint8_t * bytes = consume_bytes(in, sizeof(type));       \

        if (!bytes)                                                    \

            return false;                                              \

        memcpy(out, bytes, sizeof(type));                              \

        return true;                                                   \

    }


// Generate consumer functions for common types used in the fuzzers.

DEFINE_CONSUME_T(uint8_t)

DEFINE_CONSUME_T(size_t)


infix_type * generate_random_type(infix_arena_t * arena, fuzzer_input * in, int depth, size_t * total_fields);

arena
infix_arena_t * arena
Definition 005_layouts.c:68

DEFINE_CONSUME_T
#define DEFINE_CONSUME_T(type)
Definition fuzz_helpers.h:96

generate_random_type
infix_type * generate_random_type(infix_arena_t *arena, fuzzer_input *in, int depth, size_t *total_fields)
Recursively generates a random infix_type graph from a fuzzer input stream.
Definition fuzz_helpers.c:55

consume_bytes
static const uint8_t * consume_bytes(fuzzer_input *in, size_t n)
Definition fuzz_helpers.h:79

infix.h
The public interface for the infix FFI library.

infix_internals.h
Internal data structures, function prototypes, and constants.

fuzzer_input
Represents the fuzzer's input data as a consumable stream.
Definition fuzz_helpers.h:62

fuzzer_input::size
size_t size
Definition fuzz_helpers.h:64

fuzzer_input::data
const uint8_t * data
Definition fuzz_helpers.h:63

infix_arena_t
Internal definition of a memory arena.
Definition infix_internals.h:146

infix_type_t
A semi-opaque structure that describes a C type.
Definition infix.h:211