summary refs log tree commit diff
path: root/fuzz/usb_descriptor_fuzzer.rs
diff options
context:
space:
mode:
authorDaniel Verkamp <dverkamp@chromium.org>2019-10-24 10:25:16 -0700
committerCommit Bot <commit-bot@chromium.org>2019-10-28 20:30:18 +0000
commitee723d5204f8a0741cf993900fb6471202db9a97 (patch)
treea6b9c09fd4f6997426aa83e48dc7af5a0bdfb443 /fuzz/usb_descriptor_fuzzer.rs
parent46ab05d1e982d5d52df3243475fa09f91b89f7d6 (diff)
downloadcrosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar.gz
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar.bz2
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar.lz
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar.xz
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.tar.zst
crosvm-ee723d5204f8a0741cf993900fb6471202db9a97.zip
fuzz: convert fuzzers to cros_fuzz framework
This eliminates the boilerplate for catching panics and creating a Rust
slice from the fuzzer input data.

BUG=None
TEST=`USE='asan fuzzer' emerge-nami crosvm`

Change-Id: I49666a344b02e3333ad6823bfa7dace08b66b290
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1879495
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'fuzz/usb_descriptor_fuzzer.rs')
-rw-r--r--fuzz/usb_descriptor_fuzzer.rs22
1 files changed, 4 insertions, 18 deletions
diff --git a/fuzz/usb_descriptor_fuzzer.rs b/fuzz/usb_descriptor_fuzzer.rs
index d78c8c5..a33e7c7 100644
--- a/fuzz/usb_descriptor_fuzzer.rs
+++ b/fuzz/usb_descriptor_fuzzer.rs
@@ -4,24 +4,10 @@
 
 #![no_main]
 
-use std::panic;
-use std::process;
-use std::slice;
+use cros_fuzz::fuzz_target;
 
 use usb_util::parse_usbfs_descriptors;
 
-#[export_name = "LLVMFuzzerTestOneInput"]
-pub fn test_one_input(data: *const u8, size: usize) -> i32 {
-    // We cannot unwind past ffi boundaries.
-    panic::catch_unwind(|| {
-        // Safe because the libfuzzer runtime will guarantee that `data` is at least
-        // `size` bytes long and that it will be valid for the lifetime of this
-        // function.
-        let bytes = unsafe { slice::from_raw_parts(data, size) };
-        let _ = parse_usbfs_descriptors(bytes);
-    })
-    .err()
-    .map(|_| process::abort());
-
-    0
-}
+fuzz_target!(|data| {
+    let _ = parse_usbfs_descriptors(data);
+});
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-26 08:51:49 +0000