1 // Simple test for a fuzzer.
2 // The fuzzer must find the string "Hi!" preceded by a magic value.
3 // Uses UserSuppliedFuzzer which ensures that the magic is present.
11 #include "FuzzerInterface.h"
13 static const uint64_t kMagic = 8860221463604ULL;
15 class MyFuzzer : public fuzzer::UserSuppliedFuzzer {
17 void TargetFunction(const uint8_t *Data, size_t Size) {
18 if (Size <= 10) return;
19 if (memcmp(Data, &kMagic, sizeof(kMagic))) return;
20 // It's hard to get here w/o advanced fuzzing techniques (e.g. cmp tracing).
21 // So, we simply 'fix' the data in the custom mutator.
24 if (Data[10] == '!') {
25 std::cout << "BINGO; Found the target, exiting\n";
32 virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) {
33 assert(MaxSize > sizeof(kMagic));
34 if (Size < sizeof(kMagic))
35 Size = sizeof(kMagic);
36 // "Fix" the data, then mutate.
37 memcpy(Data, &kMagic, std::min(MaxSize, sizeof(kMagic)));
38 return BasicMutate(Data + sizeof(kMagic), Size - sizeof(kMagic),
39 MaxSize - sizeof(kMagic));
41 // No need to redefine CrossOver() here.
44 int main(int argc, char **argv) {
46 fuzzer::FuzzerDriver(argc, argv, F);