diff --git a/tests/fuzz/block_round_trip.c b/tests/fuzz/block_round_trip.c index 9ead57a5a..a0079d352 100644 --- a/tests/fuzz/block_round_trip.c +++ b/tests/fuzz/block_round_trip.c @@ -55,8 +55,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); int cLevel = FUZZ_dataProducer_uint32(producer) % kMaxClevel; diff --git a/tests/fuzz/dictionary_decompress.c b/tests/fuzz/dictionary_decompress.c index 54903f1f6..3bbd9bf5b 100644 --- a/tests/fuzz/dictionary_decompress.c +++ b/tests/fuzz/dictionary_decompress.c @@ -27,8 +27,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); FUZZ_dict_t dict; ZSTD_DDict* ddict = NULL; diff --git a/tests/fuzz/dictionary_round_trip.c b/tests/fuzz/dictionary_round_trip.c index cd1ca38f7..5a4b9503a 100644 --- a/tests/fuzz/dictionary_round_trip.c +++ b/tests/fuzz/dictionary_round_trip.c @@ -71,8 +71,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); size_t const rBufSize = size; void* rBuf = malloc(rBufSize); diff --git a/tests/fuzz/fuzz_data_producer.c b/tests/fuzz/fuzz_data_producer.c index 6dcc1413d..d6893e4f9 100644 --- a/tests/fuzz/fuzz_data_producer.c +++ b/tests/fuzz/fuzz_data_producer.c @@ -65,3 +65,10 @@ size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize) producer->size = newSize; return remaining; } + +size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer) +{ + size_t producerSliceSize = FUZZ_dataProducer_uint32Range( + producer, 0, producer->size); + return FUZZ_dataProducer_contract(producer, producerSliceSize); +} diff --git a/tests/fuzz/fuzz_data_producer.h b/tests/fuzz/fuzz_data_producer.h index 668c87f29..8eea1e256 100644 --- a/tests/fuzz/fuzz_data_producer.h +++ b/tests/fuzz/fuzz_data_producer.h @@ -44,10 +44,13 @@ uint32_t FUZZ_dataProducer_uint32(FUZZ_dataProducer_t *producer); /* Returns the size of the remaining bytes of data in the producer */ size_t FUZZ_dataProducer_remainingBytes(FUZZ_dataProducer_t *producer); -/* Tells the producer to contract to newSize bytes of data it currently uses, -counted from the end, and forget about the rest. If newSize > current data size, -nothing happens. Returns the number of bytes the producer won't use anymore, -after contracting. */ +/* Restricts the producer to only the last newSize bytes of data. +If newSize > current data size, nothing happens. Returns the number of bytes +the producer won't use anymore, after contracting. */ size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize); +/* Restricts the producer to use only the last X bytes of data, where X is + a random number in the interval [0, data_size]. Returns the size of the + remaining data the producer won't use anymore (the prefix). */ +size_t FUZZ_dataProducer_reserveDataPrefix(FUZZ_dataProducer_t *producer); #endif // FUZZ_DATA_PRODUCER_H diff --git a/tests/fuzz/simple_compress.c b/tests/fuzz/simple_compress.c index b8c6394cb..74ab0d631 100644 --- a/tests/fuzz/simple_compress.c +++ b/tests/fuzz/simple_compress.c @@ -27,8 +27,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); size_t const maxSize = ZSTD_compressBound(size); size_t const bufSize = FUZZ_dataProducer_uint32Range(producer, 0, maxSize); diff --git a/tests/fuzz/simple_decompress.c b/tests/fuzz/simple_decompress.c index 5c7680bf0..6182746a1 100644 --- a/tests/fuzz/simple_decompress.c +++ b/tests/fuzz/simple_decompress.c @@ -26,8 +26,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); if (!dctx) { dctx = ZSTD_createDCtx(); diff --git a/tests/fuzz/simple_round_trip.c b/tests/fuzz/simple_round_trip.c index f19e37a35..4a07d16a4 100644 --- a/tests/fuzz/simple_round_trip.c +++ b/tests/fuzz/simple_round_trip.c @@ -55,8 +55,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); /* Half of the time fuzz with a 1 byte smaller output size. * This will still succeed because we don't use a dictionary, so the dictID diff --git a/tests/fuzz/stream_decompress.c b/tests/fuzz/stream_decompress.c index 4d5c49966..70582e11b 100644 --- a/tests/fuzz/stream_decompress.c +++ b/tests/fuzz/stream_decompress.c @@ -56,8 +56,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); /* Allocate all buffers and contexts if not already allocated */ if (!buf) { diff --git a/tests/fuzz/stream_round_trip.c b/tests/fuzz/stream_round_trip.c index 02bb26daa..08a4927a6 100644 --- a/tests/fuzz/stream_round_trip.c +++ b/tests/fuzz/stream_round_trip.c @@ -128,8 +128,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size) /* Give a random portion of src data to the producer, to use for parameter generation. The rest will be used for (de)compression */ FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(src, size); - size_t producerSliceSize = FUZZ_dataProducer_uint32Range(producer, 0, size); - size = FUZZ_dataProducer_contract(producer, producerSliceSize); + size = FUZZ_dataProducer_reserveDataPrefix(producer); size_t neededBufSize; neededBufSize = ZSTD_compressBound(size) * 5;