1 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 2 // See https://llvm.org/LICENSE.txt for license information. 3 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 4 5 // This test computes a checksum of the data (all but the last 4 bytes), 6 // and then compares the last 4 bytes with the computed value. 7 // A fuzzer with cmp traces is expected to defeat this check. 8 #include <cstdint> 9 #include <cstdio> 10 #include <cstdlib> 11 #include <cstring> 12 13 // A modified jenkins_one_at_a_time_hash initialized by non-zero, 14 // so that simple_hash(0) != 0. See also 15 // https://en.wikipedia.org/wiki/Jenkins_hash_function 16 static uint32_t simple_hash(const uint8_t *Data, size_t Size) { 17 uint32_t Hash = 0x12039854; 18 for (uint32_t i = 0; i < Size; i++) { 19 Hash += Data[i]; 20 Hash += (Hash << 10); 21 Hash ^= (Hash >> 6); 22 } 23 Hash += (Hash << 3); 24 Hash ^= (Hash >> 11); 25 Hash += (Hash << 15); 26 return Hash; 27 } 28 29 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { 30 if (Size < 14) 31 return 0; 32 33 uint32_t Hash = simple_hash(&Data[0], Size - 4); 34 uint32_t Want = reinterpret_cast<const uint32_t *>(&Data[Size - 4])[0]; 35 if (Hash != Want) 36 return 0; 37 fprintf(stderr, "BINGO; simple_hash defeated: %x == %x\n", (unsigned int)Hash, 38 (unsigned int)Want); 39 exit(1); 40 return 0; 41 } 42