added fuzzing client [skip ci]

danmar · Jul 14, 2024 · ab65426 · ab65426
1 parent 9f55d0e
commit ab65426
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 4 deletions.
diff --git a/Makefile b/Makefile
@@ -4,23 +4,33 @@ CXXFLAGS = -Wall -Wextra -pedantic -Wcast-qual -Wfloat-equal -Wmissing-declarati
 LDFLAGS = -g
 
 %.o: %.cpp	simplecpp.h
-	$(CXX) $(CXXFLAGS) -c $<
+	$(CXX) $(CXXFLAGS) -c $< $(LIB_FUZZING_ENGINE)
 
+fuzz_no.o: fuzz.cpp
+	$(CXX) $(CXXFLAGS) -DNO_FUZZ -c -o $@ fuzz.cpp
 
 testrunner:	test.o	simplecpp.o
-	$(CXX) $(LDFLAGS) simplecpp.o test.o -o testrunner
+	$(CXX) $(LDFLAGS) -o $@ $^
 
 test:	testrunner	simplecpp
 	# The -std=c++03 makes sure that simplecpp.cpp is C++03 conformant. We don't require a C++11 compiler
 	g++ -std=c++03 -fsyntax-only simplecpp.cpp
 	./testrunner
 	python3 run-tests.py
 
+fuzz:	fuzz.o simplecpp.o
+	# TODO: use -stdlib=libc++ -lc++
+	# make fuzz CXX=clang++ CXXFLAGS="-O2 -fno-omit-frame-pointer -g -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address,undefined -fsanitize-address-use-after-scope -fno-sanitize=integer -fno-sanitize-recover=undefined" LIB_FUZZING_ENGINE="-fsanitize=fuzzer"
+	$(CXX) $(LDFLAGS) $(CXXFLAGS) -o $@ $^ $(LIB_FUZZING_ENGINE)
+
+no-fuzz:	fuzz_no.o simplecpp.o
+	$(CXX) $(LDFLAGS) $(CXXFLAGS) -o $@ $^
+
 selfcheck:	simplecpp
 	./selfcheck.sh
 
 simplecpp:	main.o simplecpp.o
-	$(CXX) $(LDFLAGS) main.o simplecpp.o -o simplecpp
+	$(CXX) $(LDFLAGS) -o $@ $^
 
 clean:
-	rm -f testrunner simplecpp *.o
+	rm -f testrunner fuzz no-fuzz simplecpp *.o
diff --git a/fuzz.cpp b/fuzz.cpp
@@ -0,0 +1,67 @@
+/*
+ * simplecpp - A simple and high-fidelity C/C++ preprocessor library
+ * Copyright (C) 2016-2024 simplecpp team
+ */
+
+#include "simplecpp.h"
+
+#include <cstdint>
+
+#ifdef NO_FUZZ
+#include <cstdlib>
+#include <fstream>
+#include <sstream>
+#include <string>
+#endif
+
+static void doProcess(const uint8_t *data, size_t dataSize)
+{
+    simplecpp::OutputList outputList;
+    std::vector<std::string> files;
+    simplecpp::TokenList rawtokens(data, dataSize, files, "test.cpp", &outputList);
+    rawtokens.removeComments();
+
+    simplecpp::TokenList outputTokens(files);
+    std::map<std::string, simplecpp::TokenList*> filedata;
+    simplecpp::DUI dui;
+    dui.removeComments = true;
+    std::list<simplecpp::MacroUsage> macroUsage;
+    std::list<simplecpp::IfCond> ifCond;
+    simplecpp::preprocess(outputTokens, rawtokens, files, filedata, dui, &outputList, &macroUsage, &ifCond);
+
+    simplecpp::cleanup(filedata);
+}
+
+#ifndef NO_FUZZ
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t dataSize);
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t dataSize)
+{
+    doProcess(data, dataSize);
+    return 0;
+}
+#else
+int main(int argc, char * argv[])
+{
+    if (argc < 2 || argc > 3)
+        return EXIT_FAILURE;
+
+    std::ifstream f(argv[1]);
+    if (!f.is_open())
+        return EXIT_FAILURE;
+
+    std::ostringstream oss;
+    oss << f.rdbuf();
+
+    if (!f.good())
+        return EXIT_FAILURE;
+
+    const int cnt = (argc == 3) ? std::stoi(argv[2]) : 1;
+
+    const std::string code = oss.str();
+    for (int i = 0; i < cnt; ++i)
+        doProcess(reinterpret_cast<const uint8_t*>(code.data()), code.size());
+
+    return EXIT_SUCCESS;
+}
+#endif