standalone_fuzz_target_runner.cc
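// Copyright 2017 Google Inc. All Rights Reserved.
// Licensed under the Apache License, Version 2.0 (the "License");

// Example of a standalone runner for "fuzz targets".
// It reads all files passed as parameters and feeds their contents
// one by one into the fuzz target (LLVMFuzzerTestOneInput).
// This runner does not do any fuzzing, but allows us to run the fuzz target
// on the test corpus (e.g. "do_stuff_test_data") or on a single file,
// e.g. the one that comes from a bug report.

#include <cassert>
#include <cstddef>
#include <cstdint>
#include <fstream>
#include <iostream>
#include <vector>

// Forward declare the "fuzz target" interface.
// We deliberately keep this interface simple and header-free.
// <cstdint>/<cstddef> are included explicitly so that uint8_t and size_t do
// not depend on being pulled in transitively by the stream headers.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

// Runs the fuzz target once per file named on the command line.
//
// argv[1..argc-1] are paths to input files. Each file is read in full and
// handed to LLVMFuzzerTestOneInput as a (pointer, size) pair.
//
// Returns 0 when every input was read and executed, 1 when an input could not
// be opened, sized or read completely. I/O failures are checked explicitly
// rather than with assert(), so they are still caught in NDEBUG builds.
int main(int argc, char **argv) {
  for (int i = 1; i < argc; i++) {
    // Binary mode: the target must see the file's bytes exactly as stored,
    // without any text-mode newline translation.
    std::ifstream in(argv[i], std::ios::binary);
    if (!in) {
      std::cerr << "Failed to open " << argv[i] << std::endl;
      return 1;
    }

    in.seekg(0, in.end);
    // tellg() reports -1 on failure; converting that straight to size_t
    // would request an enormous allocation below.
    const std::streamoff end_pos = in.tellg();
    in.seekg(0, in.beg);
    if (!in || end_pos < 0) {
      std::cerr << "Failed to determine the size of " << argv[i] << std::endl;
      return 1;
    }
    const size_t length = static_cast<size_t>(end_pos);

    std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl;
    // Allocate exactly length bytes so that we reliably catch buffer overflows.
    std::vector<char> bytes(length);
    in.read(bytes.data(), static_cast<std::streamsize>(bytes.size()));
    if (!in) {
      // A short read would leave zero-filled bytes at the tail of the buffer
      // and the target would run on data that is not the file's content.
      std::cerr << "Failed to read " << length << " bytes from " << argv[i]
                << std::endl;
      return 1;
    }

    LLVMFuzzerTestOneInput(reinterpret_cast<const uint8_t *>(bytes.data()),
                           bytes.size());
    std::cout << "Execution successfull" << std::endl;
  }
  return 0;
}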