1//===- FuzzerInterface.h - Interface header for the Fuzzer ------*- C++ -* ===//
2//
3//                     The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9// Define the interface between libFuzzer and the library being tested.
10//===----------------------------------------------------------------------===//
11
12// NOTE: the libFuzzer interface is thin and in the majority of cases
13// you should not include this file into your target. In 95% of cases
14// all you need is to define the following function in your file:
15// extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
16
17// WARNING: keep the interface in C.
18
19#ifndef LLVM_FUZZER_INTERFACE_H
20#define LLVM_FUZZER_INTERFACE_H
21
22#include <stddef.h>
23#include <stdint.h>
24
25#ifdef __cplusplus
26extern "C" {
27#endif  // __cplusplus
28
29// Mandatory user-provided target function.
30// Executes the code under test with [Data, Data+Size) as the input.
31// libFuzzer will invoke this function *many* times with different inputs.
32// Must return 0.
33int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
34
35// Optional user-provided initialization function.
36// If provided, this function will be called by libFuzzer once at startup.
37// It may read and modify argc/argv.
38// Must return 0.
39int LLVMFuzzerInitialize(int *argc, char ***argv);
40
41// Optional user-provided custom mutator.
42// Mutates raw data in [Data, Data+Size) inplace.
43// Returns the new size, which is not greater than MaxSize.
44// Given the same Seed produces the same mutation.
45size_t LLVMFuzzerCustomMutator(uint8_t *Data, size_t Size, size_t MaxSize,
46                               unsigned int Seed);
47
48// Optional user-provided custom cross-over function.
49// Combines pieces of Data1 & Data2 together into Out.
50// Returns the new size, which is not greater than MaxOutSize.
51// Should produce the same mutation given the same Seed.
52size_t LLVMFuzzerCustomCrossOver(const uint8_t *Data1, size_t Size1,
53                                 const uint8_t *Data2, size_t Size2,
54                                 uint8_t *Out, size_t MaxOutSize,
55                                 unsigned int Seed);
56
57// Experimental, may go away in future.
58// libFuzzer-provided function to be used inside LLVMFuzzerCustomMutator.
59// Mutates raw data in [Data, Data+Size) inplace.
60// Returns the new size, which is not greater than MaxSize.
61size_t LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize);
62
63#ifdef __cplusplus
64}  // extern "C"
65#endif  // __cplusplus
66
67#endif  // LLVM_FUZZER_INTERFACE_H
68