1 //===-- strcmp_fuzz.cpp ---------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 ///
9 /// Fuzzing test for llvm-libc strcmp implementation.
10 ///
11 //===----------------------------------------------------------------------===//
12 #include "src/string/strcmp.h"
13 #include <algorithm>
14 #include <stdint.h>
15 
16 extern "C" int LLVMFuzzerTestTwoInputs(const uint8_t *data1, size_t size1,
17                                        const uint8_t *data2, size_t size2) {
18   // Verify each data source contains at least one character.
19   if (!size1 || !size2)
20     return 0;
21   // Verify that the final character is the null terminator.
22   if (data1[size1 - 1] != '\0' || data2[size2 - 1] != '\0')
23     return 0;
24 
25   const char *s1 = reinterpret_cast<const char *>(data1);
26   const char *s2 = reinterpret_cast<const char *>(data2);
27 
28   const size_t minimum_size = std::min(size1, size2);
29 
30   // Iterate through until either the minimum size is hit,
31   // a character is the null terminator, or the first set
32   // of differed bytes between s1 and s2 are found.
33   // No bytes following a null byte should be compared.
34   size_t i;
35   for (i = 0; i < minimum_size && s1[i] && s1[i] == s2[i]; ++i)
36     ;
37 
38   int expected_result = s1[i] - s2[i];
39   int actual_result = __llvm_libc::strcmp(s1, s2);
40 
41   // The expected result should be the difference between the first non-equal
42   // characters of s1 and s2. If all characters are equal, the expected result
43   // should be '\0' - '\0' = 0.
44   if (expected_result != actual_result)
45     __builtin_trap();
46 
47   // Verify reversed operands. This should be the negated value of the previous
48   // result, except of course if the previous result was zero.
49   expected_result = s2[i] - s1[i];
50   actual_result = __llvm_libc::strcmp(s2, s1);
51   if (expected_result != actual_result)
52     __builtin_trap();
53 
54   return 0;
55 }
56