Add fuzzer work in progress
authorcharles <charles>
Mon, 14 Dec 2009 19:46:27 +0000 (19:46 +0000)
committercharles <charles>
Mon, 14 Dec 2009 19:46:27 +0000 (19:46 +0000)
direct/tests/Makefile
direct/tests/fuzzer.c [new file with mode: 0644]

index 46e7a03..f4b3974 100644 (file)
@@ -14,7 +14,7 @@
 #
 # NB Warning this Makefile does not include header dependencies.
 #
-# $Id: Makefile,v 1.4 2009-11-09 19:16:33 charles Exp $
+# $Id: Makefile,v 1.5 2009-12-14 19:46:27 charles Exp $
 
 #EXTRA_COMPILE_FLAGS = -DYAFFS_IGNORE_TAGS_ECC
 
@@ -60,7 +60,7 @@ YAFFSDIRECTSYMLINKS =  yaffscfg2k.c yaffs_fileem2k.c yaffsfs.c yaffs_flashif.h y
 SYMLINKS = $(YAFFSSYMLINKS) $(YAFFSDIRECTSYMLINKS)
 #all: directtest2k boottest
 
-all: yaffs_test
+all: yaffs_test fuzzer
 
 $(ALLOBJS): %.o: %.c
        gcc -c $(CFLAGS) -o $@ $<
@@ -74,10 +74,14 @@ $(YAFFSDIRECTSYMLINKS):
 
 
 yaffs_test: $(SYMLINKS) $(YAFFSTESTOBJS)
-       gcc -o $@ $(YAFFSTESTOBJS)
+       gcc $(CFLLAG) -o $@ $(YAFFSTESTOBJS)
+
+fuzzer: fuzzer.c
+       gcc $(CFLAGS) -o $@ $<
+
 
 
 
 
 clean:
-       rm -f yaffs_test $(ALLOBJS) core $(YAFFSSYMLINKS) $(YAFFSDIRECTSYMLINKS)
+       rm -f yaffs_test fuzzer fuzzer.o $(ALLOBJS) core $(YAFFSSYMLINKS) $(YAFFSDIRECTSYMLINKS)
diff --git a/direct/tests/fuzzer.c b/direct/tests/fuzzer.c
new file mode 100644 (file)
index 0000000..fed272a
--- /dev/null
@@ -0,0 +1,75 @@
+/*
+ * Fuzzer to fuzz a file
+ */
+
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <pthread.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
+                     
+int main(int argc, char *argv[])
+{
+       int prob = 10000;
+       int h;
+       int flen = 0;
+       int changesPerBuffer = 0;
+       int b;
+       char c;
+       unsigned char buffer[1000000];
+       int bufsize;
+       int x;
+       int i;
+       int nbuffers;
+
+       while((c = getopt(argc,argv,"p:")) != -1){
+               switch(c){
+                       case 'p':
+                               prob = atoi(optarg);
+                               break;
+               }
+       }
+       if(prob < 100){
+               printf("-p value less than 100 is invalid\n");
+               return 1;
+       }
+       
+       if(optind >= argc){
+               printf(" Needs a file name to fuzz\n");
+               return 1;
+       }
+       
+       h = open(argv[optind], O_RDWR);
+       flen = lseek(h,0,SEEK_END);
+       lseek(h,0,SEEK_SET);
+       if(flen < 1){
+               printf(" File is too short\n");
+               return 1;
+       }
+       
+       nbuffers = (flen + sizeof(buffer) - 1) / sizeof(buffer);
+
+       changesPerBuffer = 1+ (sizeof(buffer) * 8) / prob;
+
+       printf("Fuzzing file %s. Size %d, probablity 1/%d, changing %d bits in each of %d buffers\n",
+               argv[optind],flen,prob,changesPerBuffer,nbuffers);
+
+       srand(time(0));
+
+       for(b = 0; b < nbuffers; b++){
+               printf("buffer %d\n",b);
+               lseek(h,b * sizeof(buffer),SEEK_SET);
+               bufsize = read(h,buffer,sizeof(buffer));
+               for(i = 0; i < changesPerBuffer; i++){
+                       x = rand() % (sizeof(buffer) * 8);
+                       buffer[x >> 3] ^= (1 << (x & 7));
+               }
+               lseek(h,b * sizeof(buffer),SEEK_SET);
+               write(h,buffer,bufsize);
+       }
+       close(h);
+       return 0;
+}