pldubouilh · April 18, 2020 19:07
diff --git a/fuzzer.c b/fuzzer.c
 #include <stdio.h>
 #include <string.h>

 // clang -O0  -Wall -g -fsanitize=fuzzer fuzzer.c && ./a.out

 int LLVMFuzzerTestOneInput(const char *Data, size_t Size)
 {

    int maxlen  = (int) Size;
    const char *start = Data;

    char *end, *aaa;
    int len;

    while (maxlen > 0) {
        end = memchr(start, '\0', maxlen);
        aaa = memchr(start,  'a', maxlen);

        if (aaa == NULL || end == NULL) {
            return 1;
        }

        len = end - aaa;
        if (len <= 0) {
            return 1;
        }

        maxlen -= (end - start) + 1;
    }

    return 0;
 }
	#include <stdio.h>
	#include <string.h>

	// clang -O0 -Wall -g -fsanitize=fuzzer fuzzer.c && ./a.out

	int LLVMFuzzerTestOneInput(const char *Data, size_t Size)
	{

	int maxlen = (int) Size;
	const char *start = Data;

	char end, aaa;
	int len;

	while (maxlen > 0) {
	end = memchr(start, '\0', maxlen);
	aaa = memchr(start, 'a', maxlen);

	if (aaa == NULL \|\| end == NULL) {
	return 1;
	}

	len = end - aaa;
	if (len <= 0) {
	return 1;
	}

	maxlen -= (end - start) + 1;
	}

	return 0;
	}