hghwng · January 21, 2018 13:48 · Jan 21, 2018
diff --git a/replay.cc b/replay.cc
@@ -0,0 +1,54 @@
+#include <cassert>
+
+#include <iostream>
+#include <fstream>
+#include <vector>
+
+#define ATTR_WEAK __attribute__((weak))
+
+extern "C" {
+  int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
+  ATTR_WEAK int LLVMFuzzerInitialize(int *argc, char ***argv);
+  ATTR_WEAK int LLVMFuzzerDeinitialize();
+}
+
+// Fixup for standalone usage
+#define MAP_SIZE_POW2       16
+#define MAP_SIZE            (1 << MAP_SIZE_POW2)
+extern "C" {
+  ATTR_WEAK uint8_t  __afl_area_initial[MAP_SIZE];
+  ATTR_WEAK uint8_t* __afl_area_ptr = __afl_area_initial;
+  ATTR_WEAK __thread uint32_t __afl_prev_loc;
+}
+
+// Execute any files provided as parameters.
+int ExecuteFilesOnyByOne(int argc, char **argv) {
+  for (int i = 1; i < argc; i++) {
+    std::ifstream in(argv[i]); in.seekg(0, in.end);
+    size_t length = in.tellg(); in.seekg (0, in.beg);
+    std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl;
+    // Allocate exactly length bytes so that we reliably catch buffer overflows.
+    std::vector<char> bytes(length);
+    in.read(bytes.data(), bytes.size());
+    assert(in);
+    LLVMFuzzerTestOneInput(reinterpret_cast<const uint8_t *>(bytes.data()),
+                           bytes.size());
+    std::cout << "Execution successfull" << std::endl;
+  }
+  return 0;
+}
+
+int main(int argc, char **argv) {
+  fprintf(stderr,
+          "======================= INFO =========================\n"
+          "This binary is built to run LLVM fuzzing driver\n"
+          "To run the target function on individual input(s) execute this:\n"
+          "  %s INPUT_FILE1 [INPUT_FILE2 ... ]\n"
+          "======================================================\n",
+          argv[0]);
+
+  if (LLVMFuzzerInitialize) LLVMFuzzerInitialize(&argc, &argv);
+  ExecuteFilesOnyByOne(argc, argv);
+  if (LLVMFuzzerDeinitialize) LLVMFuzzerDeinitialize();
+  return 0;
+}