1 //===-- strcmp_fuzz.cpp ---------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 ///
9 /// Fuzzing test for llvm-libc strcmp implementation.
10 ///
11 //===----------------------------------------------------------------------===//
12 #include "src/string/strcmp.h"
13 #include <stddef.h>
14 #include <stdint.h>
15 
16 extern "C" int LLVMFuzzerTestTwoInputs(const uint8_t *data1, size_t size1,
17                                        const uint8_t *data2, size_t size2) {
18   // Verify each data source contains at least one character.
19   if (!size1 || !size2)
20     return 0;
21   // Verify that the final character is the null terminator.
22   if (data1[size1 - 1] != '\0' || data2[size2 - 1] != '\0')
23     return 0;
24 
25   const char *s1 = reinterpret_cast<const char *>(data1);
26   const char *s2 = reinterpret_cast<const char *>(data2);
27 
28   const size_t minimum_size = size1 < size2 ? size1 : size2;
29 
30   // Iterate through until either the minimum size is hit,
31   // a character is the null terminator, or the first set
32   // of differed bytes between s1 and s2 are found.
33   // No bytes following a null byte should be compared.
34   size_t i;
35   for (i = 0; i < minimum_size; ++i) {
36     if (!s1[i] || s1[i] != s2[i])
37       break;
38   }
39 
40   int expected_result = s1[i] - s2[i];
41   int actual_result = __llvm_libc::strcmp(s1, s2);
42 
43   // The expected result should be the difference between the first non-equal
44   // characters of s1 and s2. If all characters are equal, the expected result
45   // should be '\0' - '\0' = 0.
46   if (expected_result != actual_result)
47     __builtin_trap();
48 
49   // Verify reversed operands. This should be the negated value of the previous
50   // result, except of course if the previous result was zero.
51   expected_result = s2[i] - s1[i];
52   actual_result = __llvm_libc::strcmp(s2, s1);
53   if (expected_result != actual_result)
54     __builtin_trap();
55 
56   return 0;
57 }
58