Home | History | Annotate | Line # | Download | only in fuzzer 
      1 //===- FuzzerInterface.h - Interface header for the Fuzzer ------*- C++ -* ===//
      2 //
      3 //                     The LLVM Compiler Infrastructure
      4 //
      5 // This file is distributed under the University of Illinois Open Source
      6 // License. See LICENSE.TXT for details.
      7 //
      8 //===----------------------------------------------------------------------===//
      9 // Define the interface between libFuzzer and the library being tested.
     10 //===----------------------------------------------------------------------===//
     11 
     12 // NOTE: the libFuzzer interface is thin and in the majority of cases
     13 // you should not include this file into your target. In 95% of cases
     14 // all you need is to define the following function in your file:
     15 // extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
     16 
     17 // WARNING: keep the interface in C.
     18 
     19 #ifndef LLVM_FUZZER_INTERFACE_H
     20 #define LLVM_FUZZER_INTERFACE_H
     21 
     22 #include <stddef.h>
     23 #include <stdint.h>
     24 
     25 #ifdef __cplusplus
     26 extern "C" {
     27 #endif  // __cplusplus
     28 
     29 // Mandatory user-provided target function.
     30 // Executes the code under test with [Data, Data+Size) as the input.
     31 // libFuzzer will invoke this function *many* times with different inputs.
     32 // Must return 0.
     33 __attribute__((visibility("default"))) int
     34 LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
     35 
     36 // Optional user-provided initialization function.
     37 // If provided, this function will be called by libFuzzer once at startup.
     38 // It may read and modify argc/argv.
     39 // Must return 0.
     40 __attribute__((visibility("default"))) int LLVMFuzzerInitialize(int *argc,
     41                                                                 char ***argv);
     42 
     43 // Optional user-provided custom mutator.
     44 // Mutates raw data in [Data, Data+Size) inplace.
     45 // Returns the new size, which is not greater than MaxSize.
     46 // Given the same Seed produces the same mutation.
     47 __attribute__((visibility("default"))) size_t
     48 LLVMFuzzerCustomMutator(uint8_t *Data, size_t Size, size_t MaxSize,
     49                         unsigned int Seed);
     50 
     51 // Optional user-provided custom cross-over function.
     52 // Combines pieces of Data1 & Data2 together into Out.
     53 // Returns the new size, which is not greater than MaxOutSize.
     54 // Should produce the same mutation given the same Seed.
     55 __attribute__((visibility("default"))) size_t
     56 LLVMFuzzerCustomCrossOver(const uint8_t *Data1, size_t Size1,
     57                           const uint8_t *Data2, size_t Size2, uint8_t *Out,
     58                           size_t MaxOutSize, unsigned int Seed);
     59 
     60 // Experimental, may go away in future.
     61 // libFuzzer-provided function to be used inside LLVMFuzzerCustomMutator.
     62 // Mutates raw data in [Data, Data+Size) inplace.
     63 // Returns the new size, which is not greater than MaxSize.
     64 __attribute__((visibility("default"))) size_t
     65 LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize);
     66 
     67 #ifdef __cplusplus
     68 }  // extern "C"
     69 #endif  // __cplusplus
     70 
     71 #endif  // LLVM_FUZZER_INTERFACE_H
     72