jcs.org
"Das U-Boot" Source Tree
1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Copyright (c) 2022 Google, Inc.
4 * Written by Andrew Scull <ascull@google.com>
5 */
6
7#include <command.h>
8#include <dm.h>
9#include <fuzzing_engine.h>
10#include <test/fuzz.h>
11
12static struct fuzz_test *find_fuzz_test(const char *name)
13{
14 struct fuzz_test *fuzzer = FUZZ_TEST_START();
15 size_t count = FUZZ_TEST_COUNT();
16 size_t i;
17
18 for (i = 0; i < count; ++i) {
19 if (strcmp(name, fuzzer->name) == 0)
20 return fuzzer;
21 ++fuzzer;
22 }
23
24 return NULL;
25}
26
27static struct udevice *find_fuzzing_engine(void)
28{
29 struct udevice *dev;
30
31 if (uclass_first_device_err(UCLASS_FUZZING_ENGINE, &dev))
32 return NULL;
33
34 return dev;
35}
36
37static int do_fuzz(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
38{
39 struct fuzz_test *fuzzer;
40 struct udevice *dev;
41
42 if (argc != 2)
43 return CMD_RET_USAGE;
44
45 fuzzer = find_fuzz_test(argv[1]);
46 if (!fuzzer) {
47 printf("Could not find fuzzer: %s\n", argv[1]);
48 return 1;
49 }
50
51 dev = find_fuzzing_engine();
52 if (!dev) {
53 puts("No fuzzing engine available\n");
54 return 1;
55 }
56
57 while (1) {
58 const uint8_t *data;
59 size_t size;
60
61 if (dm_fuzzing_engine_get_input(dev, &data, &size)) {
62 puts("Fuzzing engine failed\n");
63 return 1;
64 }
65
66 fuzzer->func(data, size);
67 }
68
69 return 1;
70}
71
72U_BOOT_LONGHELP(fuzz,
73 "[fuzz-test-name] - execute the named fuzz test\n");
74
75U_BOOT_CMD(
76 fuzz, CONFIG_SYS_MAXARGS, 1, do_fuzz,
77 "fuzz tests", fuzz_help_text
78);