// Copyright 2017 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/351564777): Remove this and convert code to safer constructs. #pragma allow_unsafe_buffers #endif #include <stddef.h> #include <stdint.h> #include "base/compiler_specific.h" #include "base/containers/flat_map.h" #include "base/containers/span.h" #include "base/files/file.h" #include "base/functional/bind.h" #include "base/run_loop.h" #include "base/strings/string_number_conversions.h" #include "base/task/single_thread_task_executor.h" #include "base/task/thread_pool/thread_pool_instance.h" #include "mojo/core/embedder/embedder.h" #include "mojo/public/cpp/bindings/associated_remote.h" #include "mojo/public/cpp/bindings/pending_remote.h" #include "mojo/public/tools/fuzzers/fuzz.mojom.h" #include "mojo/public/tools/fuzzers/fuzz_impl.h" /* Environment for the executable. Initializes the mojo EDK and sets up a * ThreadPool, because Mojo messages must be sent and processed from * TaskRunners. */ struct Environment { … }; Environment* env = …; /* MessageReceiver which dumps raw message bytes to disk in the provided * directory. */ class MessageDumper : public mojo::MessageFilter { … }; /* Returns a FuzzUnion with fuzz_bool initialized. */ auto GetBoolFuzzUnion() { … } /* Returns a FuzzUnion with fuzz_struct_map initialized. Takes in a * FuzzDummyStructPtr to use within the fuzz_struct_map value. */ auto GetStructMapFuzzUnion(fuzz::mojom::FuzzDummyStructPtr in) { … } /* Returns a FuzzUnion with fuzz_complex initialized. Takes in a FuzzUnionPtr * to use within the fuzz_complex value. */ auto GetComplexFuzzUnion(fuzz::mojom::FuzzUnionPtr in) { … } /* Returns a populated value for FuzzStruct->fuzz_primitive_array. */ auto GetFuzzStructBoolArrayValue() { … } /* Returns a populated value for FuzzStruct->fuzz_primitive_array. */ auto GetFuzzStructPrimitiveArrayValue() { … } /* Returns a populated value for FuzzStruct->fuzz_primitive_map. */ auto GetFuzzStructPrimitiveMapValue() { … } /* Returns a populated value for FuzzStruct->fuzz_array_map. */ auto GetFuzzStructArrayMapValue() { … } /* Returns a populated value for FuzzStruct->fuzz_union_map. Takes in a * FuzzUnionPtr to use within the fuzz_union_map value.*/ auto GetFuzzStructUnionMapValue(fuzz::mojom::FuzzUnionPtr in) { … } /* Returns a populated value for FuzzStruct->fuzz_union_array. Takes in a * FuzzUnionPtr to use within the fuzz_union_array value.*/ auto GetFuzzStructUnionArrayValue(fuzz::mojom::FuzzUnionPtr in) { … } /* Returns a populated value for FuzzStruct->fuzz_struct_array. Takes in a * FuzzStructPtr to use within the fuzz_struct_array value. */ auto GetFuzzStructStructArrayValue(fuzz::mojom::FuzzStructPtr in) { … } /* Returns a populated value for FuzzStruct->fuzz_nullable_array. */ auto GetFuzzStructNullableArrayValue() { … } /* Returns a populated value for FuzzStruct->fuzz_complex. */ auto GetFuzzStructComplexValue() { … } /* Returns a FuzzStruct with its fields populated. */ fuzz::mojom::FuzzStructPtr GetPopulatedFuzzStruct() { … } /* Callback used for messages with responses. Does nothing. */ void FuzzCallback() { … } /* Invokes each method in the FuzzInterface and dumps the messages to the * supplied directory. */ void DumpMessages(std::string output_directory) { … } int main(int argc, char** argv) { … }