Message ID | 4f86f2cd94958b660fc7f3f00ba02bebd7d131ac.1407757272.git.maria.k@catit.be |
---|---|
State | New |
Headers | show |
On Mon, 08/11 15:55, Maria Kustova wrote: > Signed-off-by: Maria Kustova <maria.k@catit.be> > --- > tests/image-fuzzer/qcow2/fuzz.py | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) > > diff --git a/tests/image-fuzzer/qcow2/fuzz.py b/tests/image-fuzzer/qcow2/fuzz.py > index 57527f9..5852b4d 100644 > --- a/tests/image-fuzzer/qcow2/fuzz.py > +++ b/tests/image-fuzzer/qcow2/fuzz.py > @@ -18,8 +18,8 @@ > > import random > > - > UINT8 = 0xff > +UINT16 = 0xffff > UINT32 = 0xffffffff > UINT64 = 0xffffffffffffffff > # Most significant bit orders > @@ -28,6 +28,8 @@ UINT64_M = 63 > # Fuzz vectors > UINT8_V = [0, 0x10, UINT8/4, UINT8/2 - 1, UINT8/2, UINT8/2 + 1, UINT8 - 1, > UINT8] > +UINT16_V = [0, 0x100, 0x1000, UINT16/4, UINT16/2 - 1, UINT16/2, UINT16/2 + 1, > + UINT16 - 1, UINT16] > UINT32_V = [0, 0x100, 0x1000, 0x10000, 0x100000, UINT32/4, UINT32/2 - 1, > UINT32/2, UINT32/2 + 1, UINT32 - 1, UINT32] > UINT64_V = UINT32_V + [0x1000000, 0x10000000, 0x100000000, UINT64/4, Seeing some pattern in the vectors, but since the types are very few, we can just construct it like this for now. > @@ -353,3 +355,15 @@ def l2_entry(current): > value = offset + (is_cow << UINT64_M) + \ > (is_compressed << UINT64_M - 1) + is_zero > return value > + > + > +def refcount_table_entry(current): > + """Fuzz an entry of the refcount table.""" > + constraints = UINT64_V > + return selector(current, constraints) > + > + > +def refcount_block_entry(current): > + """Fuzz an entry of a refcount block.""" > + constraints = UINT16_V > + return selector(current, constraints) > -- > 1.9.3 > Reviewed-by: Fam Zheng <famz@redhat.com>
diff --git a/tests/image-fuzzer/qcow2/fuzz.py b/tests/image-fuzzer/qcow2/fuzz.py index 57527f9..5852b4d 100644 --- a/tests/image-fuzzer/qcow2/fuzz.py +++ b/tests/image-fuzzer/qcow2/fuzz.py @@ -18,8 +18,8 @@ import random - UINT8 = 0xff +UINT16 = 0xffff UINT32 = 0xffffffff UINT64 = 0xffffffffffffffff # Most significant bit orders @@ -28,6 +28,8 @@ UINT64_M = 63 # Fuzz vectors UINT8_V = [0, 0x10, UINT8/4, UINT8/2 - 1, UINT8/2, UINT8/2 + 1, UINT8 - 1, UINT8] +UINT16_V = [0, 0x100, 0x1000, UINT16/4, UINT16/2 - 1, UINT16/2, UINT16/2 + 1, + UINT16 - 1, UINT16] UINT32_V = [0, 0x100, 0x1000, 0x10000, 0x100000, UINT32/4, UINT32/2 - 1, UINT32/2, UINT32/2 + 1, UINT32 - 1, UINT32] UINT64_V = UINT32_V + [0x1000000, 0x10000000, 0x100000000, UINT64/4, @@ -353,3 +355,15 @@ def l2_entry(current): value = offset + (is_cow << UINT64_M) + \ (is_compressed << UINT64_M - 1) + is_zero return value + + +def refcount_table_entry(current): + """Fuzz an entry of the refcount table.""" + constraints = UINT64_V + return selector(current, constraints) + + +def refcount_block_entry(current): + """Fuzz an entry of a refcount block.""" + constraints = UINT16_V + return selector(current, constraints)
Signed-off-by: Maria Kustova <maria.k@catit.be> --- tests/image-fuzzer/qcow2/fuzz.py | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-)