source: zzuf/trunk/src/fuzz.c @ 1486

Last change on this file since 1486 was 1486, checked in by Sam Hocevar, 16 years ago
  • Rename percent to ratio.
  • Property svn:keywords set to Id
File size: 1.9 KB
Line 
1/*
2 *  zzuf - general purpose fuzzer
3 *  Copyright (c) 2006 Sam Hocevar <sam@zoy.org>
4 *                All Rights Reserved
5 *
6 *  $Id: fuzz.c 1486 2006-12-15 16:10:56Z sam $
7 *
8 *  This program is free software. It comes without any warranty, to
9 *  the extent permitted by applicable law. You can redistribute it
10 *  and/or modify it under the terms of the Do What The Fuck You Want
11 *  To Public License, Version 2, as published by Sam Hocevar. See
12 *  http://sam.zoy.org/wtfpl/COPYING for more details.
13 */
14
15/*
16 *  fuzz.c: fuzz functions
17 */
18
19#include "config.h"
20
21#if defined HAVE_STDINT_H
22#   include <stdint.h>
23#elif defined HAVE_INTTYPES_H
24#   include <inttypes.h>
25#endif
26#include <stdio.h>
27#include <string.h>
28#include <regex.h>
29
30#include "libzzuf.h"
31#include "debug.h"
32#include "random.h"
33#include "fuzz.h"
34
35#define MAGIC1 0x33ea84f7
36#define MAGIC2 0x783bc31f
37/* We arbitrarily split files into 1024-byte chunks. Each chunk has an
38 * associated seed that can be computed from the zzuf seed, the chunk
39 * index and the fuzziness density. This allows us to predictably fuzz
40 * any part of the file without reading the whole file. */
41#define CHUNKSIZE 1024
42
43void zzuf_fuzz(int fd, uint8_t *buf, uint64_t len)
44{
45    uint64_t start, stop;
46    unsigned int i, todo;
47
48    start = files[fd].pos;
49    stop = start + len;
50
51    for(i = start / CHUNKSIZE; i < (stop + CHUNKSIZE - 1) / CHUNKSIZE; i++)
52    {
53        uint32_t chunkseed = i * MAGIC1;
54
55        /* Add some random dithering to handle ratio < 1.0/CHUNKSIZE */
56        zzuf_srand(_zzuf_seed ^ chunkseed);
57        todo = (int)((_zzuf_ratio * (CHUNKSIZE * 1000) + zzuf_rand(1000))
58                     / 1000.0);
59        zzuf_srand(_zzuf_seed ^ chunkseed ^ (todo * MAGIC2));
60
61        while(todo--)
62        {
63            uint64_t idx = i * CHUNKSIZE + zzuf_rand(CHUNKSIZE);
64            uint8_t byte = (1 << zzuf_rand(8));
65
66            if(idx < start || idx >= stop)
67                continue;
68
69            buf[idx - start] ^= byte;
70        }
71    }
72}
73
Note: See TracBrowser for help on using the repository browser.