release-request-d9dc98f7-19b2-484c-b4d1-f35dc43e9c05-for-git_oc-mr1-release-4152006 snap-temp-L91700000079405440
Change-Id: Ib82284d0a9202a72569266cd9296a0a1c0ff2060
diff --git a/iface_fuzzer/ProtoFuzzerMain.cpp b/iface_fuzzer/ProtoFuzzerMain.cpp
index 59ec328..6b79192 100644
--- a/iface_fuzzer/ProtoFuzzerMain.cpp
+++ b/iface_fuzzer/ProtoFuzzerMain.cpp
@@ -83,14 +83,13 @@
extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *data, size_t size,
size_t max_size, unsigned int seed) {
ExecSpec exec_spec{};
- if (!exec_spec.ParseFromArray(data, size)) {
+ if (!FromArray(data, size, &exec_spec)) {
exec_spec =
mutator->RandomGen(runner->GetOpenedIfaces(), params.exec_size_);
} else {
mutator->Mutate(runner->GetOpenedIfaces(), &exec_spec);
}
- exec_spec.SerializeToArray(data, exec_spec.ByteSize());
- return exec_spec.ByteSize();
+ return ToArray(data, size, &exec_spec);
}
// TODO(trong): implement a meaningful cross-over mechanism.
@@ -103,9 +102,9 @@
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- ExecSpec exec_spec;
- if (!exec_spec.ParseFromArray(data, size) ||
- exec_spec.function_call_size() == 0) {
+ ExecSpec exec_spec{};
+ if (!FromArray(data, size, &exec_spec)) {
+ cerr << "Failed to deserialize an ExecSpec." << endl;
return 0;
}
runner->Execute(exec_spec);
diff --git a/iface_fuzzer/ProtoFuzzerUtils.cpp b/iface_fuzzer/ProtoFuzzerUtils.cpp
index b6c2231..6dbdb0a 100644
--- a/iface_fuzzer/ProtoFuzzerUtils.cpp
+++ b/iface_fuzzer/ProtoFuzzerUtils.cpp
@@ -155,6 +155,19 @@
return predefined_types;
}
+bool FromArray(const uint8_t *data, size_t size, ExecSpec *exec_spec) {
+ // TODO(b/63136690): Use checksum to validate exec_spec more reliably.
+ return exec_spec->ParseFromArray(data, size) && exec_spec->has_valid() &&
+ exec_spec->valid();
+}
+
+size_t ToArray(uint8_t *data, size_t size, ExecSpec *exec_spec) {
+ exec_spec->set_valid(true);
+ size_t exec_size = exec_spec->ByteSize();
+ exec_spec->SerializeToArray(data, exec_size);
+ return exec_size;
+}
+
} // namespace fuzzer
} // namespace vts
} // namespace android
diff --git a/iface_fuzzer/include/ProtoFuzzerUtils.h b/iface_fuzzer/include/ProtoFuzzerUtils.h
index 753a2be..85af37f 100644
--- a/iface_fuzzer/include/ProtoFuzzerUtils.h
+++ b/iface_fuzzer/include/ProtoFuzzerUtils.h
@@ -88,6 +88,13 @@
std::unordered_map<std::string, TypeSpec> ExtractPredefinedTypes(
const std::vector<CompSpec> &);
+// Serializes ExecSpec into byte form and writes it to buffer. Returns number of
+// written bytes.
+size_t ToArray(uint8_t *, size_t, ExecSpec *);
+
+// Deserializes given buffer to an ExecSpec. Returns true on success.
+bool FromArray(const uint8_t *, size_t, ExecSpec *);
+
} // namespace fuzzer
} // namespace vts
} // namespace android
