compiler-rt/test/fuzzer/SimpleHashTest.cpp

   1 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
   2 // See https://llvm.org/LICENSE.txt for license information.
   3 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
   4
   5 // This test computes a checksum of the data (all but the last 4 bytes),
   6 // and then compares the last 4 bytes with the computed value.
   7 // A fuzzer with cmp traces is expected to defeat this check.
   8 #include <cstdint>
   9 #include <cstdio>
  10 #include <cstdlib>
  11 #include <cstring>
  12
  13 // A modified jenkins_one_at_a_time_hash initialized by non-zero,
  14 // so that simple_hash(0) != 0. See also
  15 // https://en.wikipedia.org/wiki/Jenkins_hash_function
  16 static uint32_t simple_hash(const uint8_t *Data, size_t Size) {
  17   uint32_t Hash = 0x12039854;
  18   for (uint32_t i = 0; i < Size; i++) {
  19     Hash += Data[i];
  20     Hash += (Hash << 10);
  21     Hash ^= (Hash >> 6);
  22   }
  23   Hash += (Hash << 3);
  24   Hash ^= (Hash >> 11);
  25   Hash += (Hash << 15);
  26   return Hash;
  27 }
  28
  29 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  30   if (Size < 14)
  31     return 0;
  32
  33   uint32_t Hash = simple_hash(&Data[0], Size - 4);
  34   uint32_t Want = reinterpret_cast<const uint32_t *>(&Data[Size - 4])[0];
  35   if (Hash != Want)
  36     return 0;
  37   fprintf(stderr, "BINGO; simple_hash defeated: %x == %x\n", (unsigned int)Hash,
  38           (unsigned int)Want);
  39   exit(1);
  40   return 0;
  41 }