Merge "Add bspatch_fuzzer" am: c82a7587b8 am: 9a5d296683

am: 0b0af26ab1

Change-Id: Id4d7234f3c284d03fea46f60865b0b4b72ee21f1

2 files changed, 54 insertions, 0 deletions

diff --git a/bsdiff.gyp b/bsdiff.gyp
index 318c344..65802f4 100644
--- a/bsdiff.gyp
+++ b/bsdiff.gyp
@@ -170,5 +170,21 @@
         },
       ],
     }],
+    # fuzzer target
+    ['USE_fuzzer == 1', {
+      'targets': [
+        {
+          'target_name': 'bspatch_fuzzer',
+          'type': 'executable',
+          'dependencies': [
+            'libbspatch-static',
+          ],
+          'includes': ['../../platform2/common-mk/common_fuzzer.gypi'],
+          'sources': [
+            'bspatch_fuzzer.cc',
+          ],
+        },
+      ],
+    }],
   ],
 }
diff --git a/bspatch_fuzzer.cc b/bspatch_fuzzer.cc
new file mode 100644
index 0000000..84409dd
--- /dev/null
+++ b/bspatch_fuzzer.cc
@@ -0,0 +1,38 @@
+// Copyright 2018 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <iostream>
+#include <memory>
+#include <vector>
+
+#include "bsdiff/bspatch.h"
+#include "bsdiff/memory_file.h"
+#include "bsdiff/sink_file.h"
+
+namespace {
+
+void FuzzBspatch(const uint8_t* data, size_t size) {
+  const size_t kBufferSize = 1024;
+  std::vector<uint8_t> source_buffer(kBufferSize);
+  std::unique_ptr<bsdiff::FileInterface> source(
+      new bsdiff::MemoryFile(source_buffer.data(), source_buffer.size()));
+  std::unique_ptr<bsdiff::FileInterface> target(new bsdiff::SinkFile(
+      [](const uint8_t* data, size_t size) { return size; }));
+  bsdiff::bspatch(source, target, data, size);
+}
+
+struct Environment {
+  Environment() {
+    // To turn off logging for bsdiff library.
+    std::cerr.setstate(std::ios_base::failbit);
+  }
+};
+
+}  // namespace
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  static Environment env;
+  FuzzBspatch(data, size);
+  return 0;
+}