From 173bfbf7886608a4a7abbfac6a42ac4bf4a3432d Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 20 Sep 2020 16:14:20 +0100
Subject: New upstream version 1.5.0

---
 fuzz/mutator_aux.h | 49 ++++++++++++++++++++++++++++---------------------
 1 file changed, 28 insertions(+), 21 deletions(-)

(limited to 'fuzz/mutator_aux.h')

diff --git a/fuzz/mutator_aux.h b/fuzz/mutator_aux.h
index d14e177..4a7e647 100644
--- a/fuzz/mutator_aux.h
+++ b/fuzz/mutator_aux.h
@@ -9,9 +9,10 @@
 
 #include <stddef.h>
 #include <stdint.h>
+#include <cbor.h>
 
 /*
- * As of LLVM 7.0.1, MSAN support in libFuzzer was still experimental.
+ * As of LLVM 10.0.0, MSAN support in libFuzzer was still experimental.
  * We therefore have to be careful when using our custom mutator, or
  * MSAN will flag uninitialised reads on memory populated by libFuzzer.
  * Since there is no way to suppress MSAN without regenerating object
@@ -22,6 +23,7 @@
 
 #if defined(__has_feature)
 # if  __has_feature(memory_sanitizer)
+#  include <sanitizer/msan_interface.h>
 #  define NO_MSAN	__attribute__((no_sanitize("memory")))
 #  define WITH_MSAN	1
 # endif
@@ -31,44 +33,49 @@
 # define NO_MSAN
 #endif
 
+#define MUTATE_SEED	0x01
+#define MUTATE_PARAM	0x02
+#define MUTATE_WIREDATA	0x04
+#define MUTATE_ALL	(MUTATE_SEED | MUTATE_PARAM | MUTATE_WIREDATA)
+
 #define MAXSTR	1024
 #define MAXBLOB	3072
 
-#define GETLEN_MIN	0
-#define GETLEN_MAX	1
-
 struct blob {
-	uint8_t	body[MAXBLOB];
-	size_t	len;
+	uint8_t body[MAXBLOB];
+	size_t len;
 };
 
+struct param;
+
+struct param *unpack(const uint8_t *, size_t);
+size_t pack(uint8_t *, size_t, const struct param *);
+size_t pack_dummy(uint8_t *, size_t);
+void mutate(struct param *, unsigned int, unsigned int);
+void test(const struct param *);
+
 size_t xstrlen(const char *);
 void consume(const void *, size_t);
 void consume_str(const char *);
 
-int unpack_blob(uint8_t, uint8_t **, size_t *, struct blob *);
-int unpack_byte(uint8_t, uint8_t **, size_t *, uint8_t *);
-int unpack_int(uint8_t, uint8_t **, size_t *, int *);
-int unpack_string(uint8_t, uint8_t **, size_t *, char *);
-
-int pack_blob(uint8_t, uint8_t **, size_t *, const struct blob *);
-int pack_byte(uint8_t, uint8_t **, size_t *, uint8_t);
-int pack_int(uint8_t, uint8_t **, size_t *, int);
-int pack_string(uint8_t, uint8_t **, size_t *, const char *);
+int unpack_blob(cbor_item_t *, struct blob *);
+int unpack_byte(cbor_item_t *, uint8_t *);
+int unpack_int(cbor_item_t *, int *);
+int unpack_string(cbor_item_t *, char *);
 
-size_t len_int(void);
-size_t len_string(int);
-size_t len_byte(void);
-size_t len_blob(int);
+cbor_item_t *pack_blob(const struct blob *);
+cbor_item_t *pack_byte(uint8_t);
+cbor_item_t *pack_int(int);
+cbor_item_t *pack_string(const char *);
 
 void mutate_byte(uint8_t *);
 void mutate_int(int *);
 void mutate_blob(struct blob *);
 void mutate_string(char *);
 
-void * dev_open(const char *);
+void *dev_open(const char *);
 void dev_close(void *);
-void set_wire_data(uint8_t *, size_t);
+void set_wire_data(const uint8_t *, size_t);
 int dev_read(void *, unsigned char *, size_t, int);
 int dev_write(void *, const unsigned char *, size_t);
 
-- 
cgit v1.2.3