1 /*
2  * Copyright 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <fuzzer/FuzzedDataProvider.h>
18 #include "osi/include/future.h"
19 
20 #define MAX_BUFFER_SIZE 8
21 
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)22 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size) {
23   // Init our wrapper
24   FuzzedDataProvider dataProvider(Data, Size);
25 
26   // The value of this result ptr shouldn't matter, but make a buffer to be safe
27   size_t buf_size =
28       dataProvider.ConsumeIntegralInRange<size_t>(1, MAX_BUFFER_SIZE);
29   void* buf = malloc(buf_size);
30   if (buf == nullptr) {
31     return 0;
32   }
33   std::vector<uint8_t> bytes = dataProvider.ConsumeBytes<uint8_t>(buf_size);
34   memcpy(buf, bytes.data(), bytes.size());
35 
36   // Is our future an immediate?
37   future_t* future = nullptr;
38   bool is_immediate = dataProvider.ConsumeBool();
39   if (is_immediate) {
40     future = future_new_immediate(buf);
41   } else {
42     future = future_new();
43   }
44 
45   // These functions require a non-null object, according to the header
46   if (future != nullptr) {
47     // If we need to, specify that the future is ready
48     if (!is_immediate) {
49       future_ready(future, buf);
50     }
51 
52     // Free the object
53     future_await(future);
54   }
55 
56   free(buf);
57   return 0;
58 }
59