9 read -r -a AVAILABLE_TARGETS < <(echo */fuzz.c | sed 's@/fuzz.c@@g')
14 Usage: $0 [OPTION]... FUZZ_TARGET
16 Fuzz wimlib with LLVM's libFuzzer.
19 --asan Enable AddressSanitizer
20 --input=INPUT Test a single input file only
21 --max-len=LEN Maximum length of generated inputs (default: $MAX_LEN)
22 --msan Enable MemorySanitizer
23 --time=SECONDS Stop after the given time has passed
24 --ubsan Enable UndefinedBehaviorSanitizer
26 Available fuzz targets: ${AVAILABLE_TARGETS[*]}
56 longopts=$(echo "${longopts_array[@]}" | tr ' ' ',')
58 if ! options=$(getopt -o "" -l "$longopts" -- "$@"); then
62 eval set -- "$options"
66 EXTRA_SANITIZERS+=",address"
81 EXTRA_SANITIZERS+=",memory"
84 EXTRA_FUZZER_ARGS+=("-max_total_time=$2")
88 EXTRA_SANITIZERS+=",undefined"
95 echo 1>&2 "Invalid option '$1'"
101 EXTRA_FUZZER_ARGS+=("-max_len=$MAX_LEN")
103 if (( $# != 1 )); then
104 echo 1>&2 "No fuzz target specified!"
109 if [ ! -e "$TARGET/fuzz.c" ]; then
110 echo 1>&2 "'$TARGET' is not a valid fuzz target!"
115 cflags="-g -O1 -Wall -Werror"
116 cflags+=" -fsanitize=fuzzer-no-link$EXTRA_SANITIZERS"
117 if [ -n "$EXTRA_SANITIZERS" ]; then
118 cflags+=" -fno-sanitize-recover=${EXTRA_SANITIZERS#,}"
120 if ! [ -e config.log ] || ! grep -q -- "'CFLAGS=$cflags'" config.log; then
121 run_cmd ./configure --enable-test-support --without-fuse --without-ntfs-3g \
122 CC=clang CFLAGS="$cflags"
124 run_cmd make "-j$(getconf _NPROCESSORS_ONLN)"
126 if [ -n "$INPUT" ]; then
127 run_cmd clang -g -O1 -fsanitize=fuzzer-no-link$EXTRA_SANITIZERS -Wall -Werror \
128 -I "$TOPDIR/include" "$TARGET/fuzz.c" test-one-input.c fault-injection.c \
129 "$TOPDIR/.libs/libwim.a" -o test-one-input
130 run_cmd ./test-one-input "$INPUT"
132 run_cmd clang -g -O1 -fsanitize=fuzzer$EXTRA_SANITIZERS -Wall -Werror \
133 -I "$TOPDIR/include" "$TARGET/fuzz.c" fault-injection.c \
134 "$TOPDIR/.libs/libwim.a" -o "$TARGET/fuzz"
135 run_cmd "$TARGET/fuzz" "${EXTRA_FUZZER_ARGS[@]}" "$TARGET/corpus"