Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / 6164728ad80404da4d481bef38b1cf27d2e6e294 / . / imageloader / helper_process_receiver_fuzzer.cc
blob: 8a42b407cda68e3b5c88ab2f0630cf52ed93ddaf [file] [log] [blame]
Xiaochu Liu61647282018-11-08 10:31:08 -0800[diff] [blame^]1// Copyright 2018 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "imageloader/helper_process_receiver.h"
6
7#include <sys/socket.h>
8#include <sys/types.h>
9
10#include <base/logging.h>
11#include <base/posix/unix_domain_socket_linux.h>
12
13namespace imageloader {
14
15void helper_process_receiver_fuzzer_run(const uint8_t* data, size_t size) {
16 int socket_pair[2];
17 socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, socket_pair);
18 base::ScopedFD reader_fd(socket_pair[0]);
19 base::ScopedFD writer_fd(socket_pair[1]);
20
21 imageloader::HelperProcessReceiver helper_process_receiver(
22 std::move(reader_fd));
23
24 if (size == 0) {
25 // Per recvmsg(2), the return value will be 0 when the peer has performed an
26 // orderly shutdown.
27 // This causes current fuzzer process to exit permanently.
28 return;
29 }
30 base::UnixDomainSocket::SendMsg(writer_fd.get(), data, size,
31 std::vector<int>());
32 helper_process_receiver.OnFileCanReadWithoutBlocking(socket_pair[0]);
33}
34
35} // namespace imageloader
36
37extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
38 imageloader::helper_process_receiver_fuzzer_run(data, size);
39 return 0;
40}