1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Johannes Schlüter <johanes@php.net> |
14 | Stanislav Malyshev <stas@php.net> |
15 +----------------------------------------------------------------------+
16 */
17
18 #include <main/php.h>
19 #include <main/php_main.h>
20 #include <main/SAPI.h>
21 #include <ext/standard/info.h>
22 #include <ext/standard/php_var.h>
23 #include <main/php_variables.h>
24
25 #include "fuzzer.h"
26 #include "fuzzer-sapi.h"
27
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)28 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
29 if (Size > 6 * 1024) {
30 /* Large inputs have a large impact on fuzzer performance and may cause stack overflows,
31 * but are unlikely to be necessary to reach new codepaths. */
32 return 0;
33 }
34
35 fuzzer_do_request_from_buffer(
36 "fuzzer.php", (const char *) Data, Size, /* execute */ 0, /* before_shutdown */ NULL);
37
38 return 0;
39 }
40
LLVMFuzzerInitialize(int * argc,char *** argv)41 int LLVMFuzzerInitialize(int *argc, char ***argv) {
42 /* Compilation will often trigger fatal errors.
43 * Use tracked allocation mode to avoid leaks in that case. */
44 putenv("USE_TRACKED_ALLOC=1");
45
46 fuzzer_init_php(NULL);
47
48 /* fuzzer_shutdown_php(); */
49 return 0;
50 }
51