2 * Copyright (c) Meta Platforms, Inc. and affiliates.
5 * This source code is licensed under both the BSD-style license (found in the
6 * LICENSE file in the root directory of this source tree) and the GPLv2 (found
7 * in the COPYING file in the root directory of this source tree).
8 * You may select, at your option, one of the above-listed licenses.
11 #define ZSTD_STATIC_LINKING_ONLY
18 #include "fuzz_data_producer.h"
19 #include "fuzz_helpers.h"
20 #include "zstd_helpers.h"
23 * This fuzz target ensures that ZSTD_generateSequences() does not crash and
24 * if it succeeds that ZSTD_compressSequences() round trips.
27 static void testRoundTrip(ZSTD_CCtx* cctx, ZSTD_Sequence const* seqs, size_t nbSeqs, const void* src, size_t srcSize) {
28 /* Compress the sequences with block delimiters */
29 const size_t compressBound = ZSTD_compressBound(srcSize);
30 void* dst = FUZZ_malloc(compressBound);
33 size_t compressedSize = ZSTD_compressSequences(cctx, dst, compressBound, seqs, nbSeqs, src, srcSize);
34 FUZZ_ZASSERT(compressedSize);
36 void* decompressed = FUZZ_malloc(srcSize);
37 FUZZ_ASSERT(srcSize == 0 || decompressed);
38 size_t decompressedSize = ZSTD_decompress(decompressed, srcSize, dst, compressedSize);
39 FUZZ_ZASSERT(decompressedSize);
40 FUZZ_ASSERT(decompressedSize == srcSize);
42 FUZZ_ASSERT(!memcmp(src, decompressed, srcSize));
49 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
51 FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
52 size = FUZZ_dataProducer_reserveDataPrefix(producer);
54 ZSTD_CCtx* cctx = ZSTD_createCCtx();
57 const size_t seqsCapacity = FUZZ_dataProducer_uint32Range(producer, 0, 2 * ZSTD_sequenceBound(size));
58 ZSTD_Sequence* seqs = (ZSTD_Sequence*)FUZZ_malloc(sizeof(ZSTD_Sequence) * seqsCapacity);
59 FUZZ_ASSERT(seqsCapacity == 0 || seqs);
61 FUZZ_setRandomParameters(cctx, size, producer);
62 FUZZ_ZASSERT(ZSTD_CCtx_setParameter(cctx, ZSTD_c_targetCBlockSize, 0));
63 FUZZ_ZASSERT(ZSTD_CCtx_setParameter(cctx, ZSTD_c_nbWorkers, 0));
65 const size_t nbSeqs = ZSTD_generateSequences(cctx, seqs, seqsCapacity, data, size);
66 if (ZSTD_isError(nbSeqs)) {
67 /* Allowed to error if the destination is too small */
68 if (ZSTD_getErrorCode(nbSeqs) == ZSTD_error_dstSize_tooSmall) {
69 FUZZ_ASSERT(seqsCapacity < ZSTD_sequenceBound(size));
72 /* Ensure we round trip with and without block delimiters*/
74 FUZZ_ZASSERT(ZSTD_CCtx_setParameter(cctx, ZSTD_c_blockDelimiters, ZSTD_sf_explicitBlockDelimiters));
75 testRoundTrip(cctx, seqs, nbSeqs, data, size);
77 const size_t nbMergedSeqs = ZSTD_mergeBlockDelimiters(seqs, nbSeqs);
78 FUZZ_ASSERT(nbMergedSeqs <= nbSeqs);
79 FUZZ_ZASSERT(ZSTD_CCtx_reset(cctx, ZSTD_reset_session_only));
80 FUZZ_ZASSERT(ZSTD_CCtx_setParameter(cctx, ZSTD_c_blockDelimiters, ZSTD_sf_noBlockDelimiters));
81 testRoundTrip(cctx, seqs, nbMergedSeqs, data, size);
86 FUZZ_dataProducer_free(producer);