| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <string> |
| 6 |
| 7 #include "base/basictypes.h" |
| 8 #include "base/strings/string_util.h" |
| 9 #include "tools/ipc_fuzzer/mutate/generator.h" |
| 10 #include "tools/ipc_fuzzer/mutate/rand_util.h" |
| 11 |
| 12 namespace ipc_fuzzer { |
| 13 |
| 14 template <typename T> |
| 15 void GenerateIntegralType(T* value) { |
| 16 switch (RandInRange(16)) { |
| 17 case 0: |
| 18 *value = static_cast<T>(0); |
| 19 break; |
| 20 case 1: |
| 21 *value = static_cast<T>(1); |
| 22 break; |
| 23 case 2: |
| 24 *value = static_cast<T>(-1); |
| 25 break; |
| 26 case 3: |
| 27 *value = static_cast<T>(2); |
| 28 break; |
| 29 default: |
| 30 *value = static_cast<T>(RandU64()); |
| 31 break; |
| 32 } |
| 33 } |
| 34 |
| 35 template <typename T> |
| 36 void GenerateFloatingType(T* value) { |
| 37 *value = RandDouble(); |
| 38 } |
| 39 |
| 40 template <typename T> |
| 41 void GenerateStringType(T* value) { |
| 42 T temp_string; |
| 43 size_t length = RandInRange(300); |
| 44 for (size_t i = 0; i < length; ++i) |
| 45 temp_string += RandInRange(256); |
| 46 *value = temp_string; |
| 47 } |
| 48 |
| 49 void Generator::FuzzBool(bool* value) { |
| 50 *value = RandInRange(2) ? true: false; |
| 51 } |
| 52 |
| 53 void Generator::FuzzInt(int* value) { |
| 54 GenerateIntegralType<int>(value); |
| 55 } |
| 56 |
| 57 void Generator::FuzzLong(long* value) { |
| 58 GenerateIntegralType<long>(value); |
| 59 } |
| 60 |
| 61 void Generator::FuzzSize(size_t* value) { |
| 62 GenerateIntegralType<size_t>(value); |
| 63 } |
| 64 |
| 65 void Generator::FuzzUChar(unsigned char* value) { |
| 66 GenerateIntegralType<unsigned char>(value); |
| 67 } |
| 68 |
| 69 void Generator::FuzzWChar(wchar_t* value) { |
| 70 GenerateIntegralType<wchar_t>(value); |
| 71 } |
| 72 |
| 73 void Generator::FuzzUInt16(uint16* value) { |
| 74 GenerateIntegralType<uint16>(value); |
| 75 } |
| 76 |
| 77 void Generator::FuzzUInt32(uint32* value) { |
| 78 GenerateIntegralType<uint32>(value); |
| 79 } |
| 80 |
| 81 void Generator::FuzzInt64(int64* value) { |
| 82 GenerateIntegralType<int64>(value); |
| 83 } |
| 84 |
| 85 void Generator::FuzzUInt64(uint64* value) { |
| 86 GenerateIntegralType<uint64>(value); |
| 87 } |
| 88 |
| 89 void Generator::FuzzFloat(float* value) { |
| 90 GenerateFloatingType<float>(value); |
| 91 } |
| 92 |
| 93 void Generator::FuzzDouble(double* value) { |
| 94 GenerateFloatingType<double>(value); |
| 95 } |
| 96 |
| 97 void Generator::FuzzString(std::string* value) { |
| 98 GenerateStringType<std::string>(value); |
| 99 } |
| 100 |
| 101 void Generator::FuzzString16(base::string16* value) { |
| 102 GenerateStringType<base::string16>(value); |
| 103 } |
| 104 |
| 105 void Generator::FuzzData(char* data, int length) { |
| 106 for (int i = 0; i < length; ++i) { |
| 107 GenerateIntegralType<char>(&data[i]); |
| 108 } |
| 109 } |
| 110 |
| 111 void Generator::FuzzBytes(void* data, int data_len) { |
| 112 FuzzData(static_cast<char*>(data), data_len); |
| 113 } |
| 114 |
| 115 bool Generator::ShouldGenerate() { |
| 116 // The generator fuzzer should always generate new values. |
| 117 return true; |
| 118 } |
| 119 |
| 120 } // namespace ipc_fuzzer |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1000373004:
Combine traits for IPC mutation and generation fuzzing plus other refactoring. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master