1 // SPDX-License-Identifier: BSD-3-Clause
2 // Copyright(c) 2020, Google Inc. All rights reserved
3 //
4 // Author: Curtis Malainey <cujomalainey@chromium.org>
5
6 #include <inttypes.h>
7 #include <stdlib.h>
8 #include <sof/ipc/driver.h>
9 #include <sof/math/numbers.h>
10 #include <sof/audio/component_ext.h>
11 #include <sof/lib/notifier.h>
12
13 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
14 int LLVMFuzzerInitialize(int *argc, char ***argv);
15 // fuzz_ipc.c
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)16 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
17 {
18 // since we can always assume the mailbox is allocated
19 // copy the buffer to pre allocated buffer
20 struct sof_ipc_cmd_hdr *hdr = calloc(SOF_IPC_MSG_MAX_SIZE, 1);
21
22 memcpy_s(hdr, SOF_IPC_MSG_MAX_SIZE, Data, MIN(Size, SOF_IPC_MSG_MAX_SIZE));
23
24 // sanity check performed typically by platform dependent code
25 if (hdr->size < sizeof(*hdr) || hdr->size > SOF_IPC_MSG_MAX_SIZE)
26 goto done;
27
28 ipc_cmd((ipc_cmd_hdr *)hdr);
29 done:
30 free(hdr);
31 return 0; // Non-zero return values are reserved for future use.
32 }
33
LLVMFuzzerInitialize(int * argc,char *** argv)34 int LLVMFuzzerInitialize(int *argc, char ***argv)
35 {
36 init_system_notify(sof_get());
37
38 trace_init(sof_get());
39
40 platform_init(sof_get());
41
42 /* init components */
43 sys_comp_init(sof_get());
44
45 /* init self-registered modules */
46 /* sys_module_init(); */
47
48 /* other necessary initializations, todo: follow better SOF init */
49 pipeline_posn_init(sof_get());
50
51 return 0;
52 }
53
