| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <iostream> | 5 #include <iostream> |
| 6 #include <set> | 6 #include <set> |
| 7 #include <string> | 7 #include <string> |
| 8 #include <tuple> | 8 #include <tuple> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 1118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1129 template <> | 1129 template <> |
| 1130 struct FuzzTraits<HWND> { | 1130 struct FuzzTraits<HWND> { |
| 1131 static bool Fuzz(HWND* p, Fuzzer* fuzzer) { | 1131 static bool Fuzz(HWND* p, Fuzzer* fuzzer) { |
| 1132 // TODO(aarya): This should actually do something. | 1132 // TODO(aarya): This should actually do something. |
| 1133 return true; | 1133 return true; |
| 1134 } | 1134 } |
| 1135 }; | 1135 }; |
| 1136 #endif | 1136 #endif |
| 1137 | 1137 |
| 1138 template <> | 1138 template <> |
| 1139 struct FuzzTraits<IPC::Message> { | 1139 struct FuzzTraits<std::unique_ptr<IPC::Message>> { |
| 1140 static bool Fuzz(IPC::Message* p, Fuzzer* fuzzer) { | 1140 static bool Fuzz(std::unique_ptr<IPC::Message>* p, Fuzzer* fuzzer) { |
| 1141 // TODO(mbarbella): Support mutation. | 1141 // TODO(mbarbella): Support mutation. |
| 1142 if (!fuzzer->ShouldGenerate()) | 1142 if (!fuzzer->ShouldGenerate()) |
| 1143 return true; | 1143 return true; |
| 1144 | 1144 |
| 1145 if (g_function_vector.empty()) | 1145 if (g_function_vector.empty()) |
| 1146 return false; | 1146 return false; |
| 1147 size_t index = RandInRange(g_function_vector.size()); | 1147 size_t index = RandInRange(g_function_vector.size()); |
| 1148 IPC::Message* ipc_message = (*g_function_vector[index])(NULL, fuzzer); | 1148 std::unique_ptr<IPC::Message> ipc_message = |
| 1149 (*g_function_vector[index])(nullptr, fuzzer); |
| 1149 if (!ipc_message) | 1150 if (!ipc_message) |
| 1150 return false; | 1151 return false; |
| 1151 p = ipc_message; | 1152 *p = std::move(ipc_message); |
| 1152 return true; | 1153 return true; |
| 1153 } | 1154 } |
| 1154 }; | 1155 }; |
| 1155 | 1156 |
| 1156 #if !defined(OS_WIN) | 1157 #if !defined(OS_WIN) |
| 1157 // PlatformfileForTransit is just SharedMemoryHandle on Windows, which already | 1158 // PlatformfileForTransit is just SharedMemoryHandle on Windows, which already |
| 1158 // has a trait, see ipc/ipc_platform_file.h | 1159 // has a trait, see ipc/ipc_platform_file.h |
| 1159 template <> | 1160 template <> |
| 1160 struct FuzzTraits<IPC::PlatformFileForTransit> { | 1161 struct FuzzTraits<IPC::PlatformFileForTransit> { |
| 1161 static bool Fuzz(IPC::PlatformFileForTransit* p, Fuzzer* fuzzer) { | 1162 static bool Fuzz(IPC::PlatformFileForTransit* p, Fuzzer* fuzzer) { |
| (...skipping 565 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1727 | 1728 |
| 1728 // MessageFactory abstracts away constructing control/routed messages by | 1729 // MessageFactory abstracts away constructing control/routed messages by |
| 1729 // providing an additional random routing ID argument when necessary. | 1730 // providing an additional random routing ID argument when necessary. |
| 1730 template <typename Message, IPC::MessageKind> | 1731 template <typename Message, IPC::MessageKind> |
| 1731 class MessageFactory; | 1732 class MessageFactory; |
| 1732 | 1733 |
| 1733 template <typename Message> | 1734 template <typename Message> |
| 1734 class MessageFactory<Message, IPC::MessageKind::CONTROL> { | 1735 class MessageFactory<Message, IPC::MessageKind::CONTROL> { |
| 1735 public: | 1736 public: |
| 1736 template <typename... Args> | 1737 template <typename... Args> |
| 1737 static Message* New(const Args&... args) { | 1738 static std::unique_ptr<Message> New(const Args&... args) { |
| 1738 return new Message(args...); | 1739 return base::MakeUnique<Message>(args...); |
| 1739 } | 1740 } |
| 1740 }; | 1741 }; |
| 1741 | 1742 |
| 1742 template <typename Message> | 1743 template <typename Message> |
| 1743 class MessageFactory<Message, IPC::MessageKind::ROUTED> { | 1744 class MessageFactory<Message, IPC::MessageKind::ROUTED> { |
| 1744 public: | 1745 public: |
| 1745 template <typename... Args> | 1746 template <typename... Args> |
| 1746 static Message* New(const Args&... args) { | 1747 static std::unique_ptr<Message> New(const Args&... args) { |
| 1747 return new Message(RandInRange(MAX_FAKE_ROUTING_ID), args...); | 1748 return base::MakeUnique<Message>(RandInRange(MAX_FAKE_ROUTING_ID), args...); |
| 1748 } | 1749 } |
| 1749 }; | 1750 }; |
| 1750 | 1751 |
| 1751 template <typename Message> | 1752 template <typename Message> |
| 1752 class FuzzerHelper; | 1753 class FuzzerHelper; |
| 1753 | 1754 |
| 1754 template <typename Meta, typename... Ins> | 1755 template <typename Meta, typename... Ins> |
| 1755 class FuzzerHelper<IPC::MessageT<Meta, std::tuple<Ins...>, void>> { | 1756 class FuzzerHelper<IPC::MessageT<Meta, std::tuple<Ins...>, void>> { |
| 1756 public: | 1757 public: |
| 1757 using Message = IPC::MessageT<Meta, std::tuple<Ins...>, void>; | 1758 using Message = IPC::MessageT<Meta, std::tuple<Ins...>, void>; |
| 1758 | 1759 |
| 1759 static IPC::Message* Fuzz(IPC::Message* msg, Fuzzer* fuzzer) { | 1760 static std::unique_ptr<IPC::Message> Fuzz(IPC::Message* msg, Fuzzer* fuzzer) { |
| 1760 return FuzzImpl(msg, fuzzer, base::MakeIndexSequence<sizeof...(Ins)>()); | 1761 return FuzzImpl(msg, fuzzer, base::MakeIndexSequence<sizeof...(Ins)>()); |
| 1761 } | 1762 } |
| 1762 | 1763 |
| 1763 private: | 1764 private: |
| 1764 template <size_t... Ns> | 1765 template <size_t... Ns> |
| 1765 static IPC::Message* FuzzImpl(IPC::Message* msg, | 1766 static std::unique_ptr<IPC::Message> FuzzImpl(IPC::Message* msg, |
| 1766 Fuzzer* fuzzer, | 1767 Fuzzer* fuzzer, |
| 1767 base::IndexSequence<Ns...>) { | 1768 base::IndexSequence<Ns...>) { |
| 1768 typename Message::Param p; | 1769 typename Message::Param p; |
| 1769 if (msg) { | 1770 if (msg) { |
| 1770 Message::Read(static_cast<Message*>(msg), &p); | 1771 Message::Read(static_cast<Message*>(msg), &p); |
| 1771 } | 1772 } |
| 1772 if (FuzzParam(&p, fuzzer)) { | 1773 if (FuzzParam(&p, fuzzer)) { |
| 1773 return MessageFactory<Message, Meta::kKind>::New(std::get<Ns>(p)...); | 1774 return MessageFactory<Message, Meta::kKind>::New(std::get<Ns>(p)...); |
| 1774 } | 1775 } |
| 1775 std::cerr << "Don't know how to handle " << Meta::kName << "\n"; | 1776 std::cerr << "Don't know how to handle " << Meta::kName << "\n"; |
| 1776 return nullptr; | 1777 return nullptr; |
| 1777 } | 1778 } |
| 1778 }; | 1779 }; |
| 1779 | 1780 |
| 1780 template <typename Meta, typename... Ins, typename... Outs> | 1781 template <typename Meta, typename... Ins, typename... Outs> |
| 1781 class FuzzerHelper< | 1782 class FuzzerHelper< |
| 1782 IPC::MessageT<Meta, std::tuple<Ins...>, std::tuple<Outs...>>> { | 1783 IPC::MessageT<Meta, std::tuple<Ins...>, std::tuple<Outs...>>> { |
| 1783 public: | 1784 public: |
| 1784 using Message = IPC::MessageT<Meta, std::tuple<Ins...>, std::tuple<Outs...>>; | 1785 using Message = IPC::MessageT<Meta, std::tuple<Ins...>, std::tuple<Outs...>>; |
| 1785 | 1786 |
| 1786 static IPC::Message* Fuzz(IPC::Message* msg, Fuzzer* fuzzer) { | 1787 static std::unique_ptr<IPC::Message> Fuzz(IPC::Message* msg, Fuzzer* fuzzer) { |
| 1787 return FuzzImpl(msg, fuzzer, base::MakeIndexSequence<sizeof...(Ins)>()); | 1788 return FuzzImpl(msg, fuzzer, base::MakeIndexSequence<sizeof...(Ins)>()); |
| 1788 } | 1789 } |
| 1789 | 1790 |
| 1790 private: | 1791 private: |
| 1791 template <size_t... Ns> | 1792 template <size_t... Ns> |
| 1792 static IPC::Message* FuzzImpl(IPC::Message* msg, | 1793 static std::unique_ptr<IPC::Message> FuzzImpl(IPC::Message* msg, |
| 1793 Fuzzer* fuzzer, | 1794 Fuzzer* fuzzer, |
| 1794 base::IndexSequence<Ns...>) { | 1795 base::IndexSequence<Ns...>) { |
| 1795 typename Message::SendParam p; | 1796 typename Message::SendParam p; |
| 1796 Message* real_msg = static_cast<Message*>(msg); | 1797 Message* real_msg = static_cast<Message*>(msg); |
| 1797 Message* new_msg = nullptr; | 1798 std::unique_ptr<Message> new_msg; |
| 1798 if (real_msg) { | 1799 if (real_msg) { |
| 1799 Message::ReadSendParam(real_msg, &p); | 1800 Message::ReadSendParam(real_msg, &p); |
| 1800 } | 1801 } |
| 1801 if (FuzzParam(&p, fuzzer)) { | 1802 if (FuzzParam(&p, fuzzer)) { |
| 1802 new_msg = MessageFactory<Message, Meta::kKind>::New( | 1803 new_msg = MessageFactory<Message, Meta::kKind>::New( |
| 1803 std::get<Ns>(p)..., static_cast<Outs*>(nullptr)...); | 1804 std::get<Ns>(p)..., static_cast<Outs*>(nullptr)...); |
| 1804 } | 1805 } |
| 1805 if (real_msg && new_msg) { | 1806 if (real_msg && new_msg) { |
| 1806 MessageCracker::CopyMessageID(new_msg, real_msg); | 1807 MessageCracker::CopyMessageID(new_msg.get(), real_msg); |
| 1807 } else if (!new_msg) { | 1808 } else if (!new_msg) { |
| 1808 std::cerr << "Don't know how to handle " << Meta::kName << "\n"; | 1809 std::cerr << "Don't know how to handle " << Meta::kName << "\n"; |
| 1809 } | 1810 } |
| 1810 return new_msg; | 1811 return new_msg; |
| 1811 } | 1812 } |
| 1812 }; | 1813 }; |
| 1813 | 1814 |
| 1814 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" | 1815 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" |
| 1815 | 1816 |
| 1816 void PopulateFuzzerFunctionVector( | 1817 void PopulateFuzzerFunctionVector( |
| 1817 FuzzerFunctionVector* function_vector) { | 1818 FuzzerFunctionVector* function_vector) { |
| 1818 #undef IPC_MESSAGE_DECL | 1819 #undef IPC_MESSAGE_DECL |
| 1819 #define IPC_MESSAGE_DECL(name, ...) \ | 1820 #define IPC_MESSAGE_DECL(name, ...) \ |
| 1820 function_vector->push_back(FuzzerHelper<name>::Fuzz); | 1821 function_vector->push_back(FuzzerHelper<name>::Fuzz); |
| 1821 #include "tools/ipc_fuzzer/message_lib/all_messages.h" | 1822 #include "tools/ipc_fuzzer/message_lib/all_messages.h" |
| 1822 } | 1823 } |
| 1823 | 1824 |
| 1824 // Redefine macros to register fuzzing functions into map. | 1825 // Redefine macros to register fuzzing functions into map. |
| 1825 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" | 1826 #include "tools/ipc_fuzzer/message_lib/all_message_null_macros.h" |
| 1826 #undef IPC_MESSAGE_DECL | 1827 #undef IPC_MESSAGE_DECL |
| 1827 #define IPC_MESSAGE_DECL(name, ...) \ | 1828 #define IPC_MESSAGE_DECL(name, ...) \ |
| 1828 (*map)[static_cast<uint32_t>(name::ID)] = FuzzerHelper<name>::Fuzz; | 1829 (*map)[static_cast<uint32_t>(name::ID)] = FuzzerHelper<name>::Fuzz; |
| 1829 | 1830 |
| 1830 void PopulateFuzzerFunctionMap(FuzzerFunctionMap* map) { | 1831 void PopulateFuzzerFunctionMap(FuzzerFunctionMap* map) { |
| 1831 #include "tools/ipc_fuzzer/message_lib/all_messages.h" | 1832 #include "tools/ipc_fuzzer/message_lib/all_messages.h" |
| 1832 } | 1833 } |
| 1833 | 1834 |
| 1834 } // namespace ipc_fuzzer | 1835 } // namespace ipc_fuzzer |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2972773004:
Remove ScopedVector from tools/ipc_fuzzer/. (Closed)
