rust-fuzz / libfuzzer

Rust bindings and utilities for LLVM’s libFuzzer
Apache License 2.0

Macro to expand from idiomatic Rust function to libfuzzer compatible function #4

Closed frewsxcv closed 7 years ago

frewsxcv commented 7 years ago

This might be a good starting task to keep the momentum going for this repo.

Expand this:

#![no_main]

#[macro_use]
extern crate fuzzer;

fuzzer_target!(
    // `in` is a reserved keyword in Rust, so the argument is named `input`
    fn some_name(input: &[u8]) -> i32 {
        // Fuzz body here
        0
    }
);

Into:

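#![no_main]

#[macro_use]
extern crate fuzzer;

use std::slice;

#[export_name="LLVMFuzzerTestOneInput"]
pub extern fn some_name(data: *const u8, size: usize) -> i32 {
    // `in` is a reserved keyword in Rust, so the argument is named `input`
    fn inner(input: &[u8]) -> i32 {
        // Fuzz body here
        0
    }
    // libFuzzer passes a pointer and a length (size_t, hence usize)
    let input = unsafe { slice::from_raw_parts(data, size) };
    inner(input)
}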

Thoughts?
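One way the proposed expansion could be written with `macro_rules!`, as an added example that is not part of the original post or the crate's own code. The null/zero-length guard and the fuzz body with its "FZ" magic are assumptions of this example, and `#[unsafe(export_name = ...)]` is the spelling recent toolchains expect for the `#[export_name]` attribute shown above.

```rust
// Hypothetical `fuzzer_target!`: wraps a slice-taking Rust function in the
// pointer/length entry point that libFuzzer calls.
macro_rules! fuzzer_target {
    (fn $name:ident($arg:ident: &[u8]) -> i32 $body:block) => {
        // Older toolchains spell this `#[export_name = "LLVMFuzzerTestOneInput"]`.
        #[unsafe(export_name = "LLVMFuzzerTestOneInput")]
        pub extern "C" fn $name(data: *const u8, size: usize) -> i32 {
            // The user's function, kept as an inner item so it only ever sees a safe slice.
            fn inner($arg: &[u8]) -> i32 $body

            // slice::from_raw_parts requires a non-null pointer even for a
            // zero-length slice, so an empty input is mapped to an empty slice.
            let input: &[u8] = if data.is_null() || size == 0 {
                &[]
            } else {
                // Assumption: the caller guarantees `data` points to `size`
                // readable bytes for the duration of this call.
                unsafe { ::std::slice::from_raw_parts(data, size) }
            };
            inner(input)
        }
    };
}

fuzzer_target!(
    fn some_name(input: &[u8]) -> i32 {
        // Constructed fuzz body: 0 when the input starts with the two-byte
        // magic "FZ", -1 otherwise.
        if input.len() >= 2 && &input[..2] == b"FZ" {
            0
        } else {
            -1
        }
    }
);

fn main() {
    // Constructed inputs, passed the way a C caller would pass them.
    let sample = b"FZ\x01\x02";
    println!("with magic: {}", some_name(sample.as_ptr(), sample.len()));
    println!("empty/null: {}", some_name(::std::ptr::null(), 0));
}
```
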

nagisa commented 7 years ago

Seems okay to me. It would make sense to provide it within fuzzer_sys itself, as this crate does not have any bindings anyway, at least for the time being.

frewsxcv commented 7 years ago

@ner0x652 expressed an interest in working on this.

0xcpu commented 7 years ago

From which module should the macro be exported, src/lib.rs?

frewsxcv commented 7 years ago

Yeah, that's fine for now

nagisa commented 7 years ago

This is complete.