From 9af467ed8b53adfe1c8d0788d874d7a8c08375de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lu=C3=ADs=20Ferreira?=
Date: Tue, 9 Nov 2021 12:40:45 -0800
Subject: [PATCH] [Tools] Add a fuzzing tool to help fuzzing D demangler
This patch adds a fuzzing helper tool for D demangler by feeding the demangler API with pseudo-random null terminated strings with the help of libfuzzer heuristics.
Reviewed By: dblaikie
Differential Revision: https://reviews.llvm.org/D111432
---
 .../llvm-dlang-demangle-fuzzer/CMakeLists.txt | 10 ++++++++++
 .../DummyDemanglerFuzzer.cpp | 18 ++++++++++++++++++
 .../llvm-dlang-demangle-fuzzer.cpp | 19 +++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 llvm/tools/llvm-dlang-demangle-fuzzer/CMakeLists.txt
 create mode 100644 llvm/tools/llvm-dlang-demangle-fuzzer/DummyDemanglerFuzzer.cpp
 create mode 100644 llvm/tools/llvm-dlang-demangle-fuzzer/llvm-dlang-demangle-fuzzer.cpp
diff --git a/llvm/tools/llvm-dlang-demangle-fuzzer/CMakeLists.txt b/llvm/tools/llvm-dlang-demangle-fuzzer/CMakeLists.txt
new file mode 100644
index 000000000000..5f90def79847
--- /dev/null
+++ b/llvm/tools/llvm-dlang-demangle-fuzzer/CMakeLists.txt
@@ -0,0 +1,10 @@
+set(LLVM_LINK_COMPONENTS
+ Demangle
+ FuzzMutate
+ Support
+)
+
+add_llvm_fuzzer(llvm-dlang-demangle-fuzzer
+ llvm-dlang-demangle-fuzzer.cpp
+ DUMMY_MAIN DummyDemanglerFuzzer.cpp
+ )
diff --git a/llvm/tools/llvm-dlang-demangle-fuzzer/DummyDemanglerFuzzer.cpp b/llvm/tools/llvm-dlang-demangle-fuzzer/DummyDemanglerFuzzer.cpp
new file mode 100644
index 000000000000..201fdd798888
--- /dev/null
+++ b/llvm/tools/llvm-dlang-demangle-fuzzer/DummyDemanglerFuzzer.cpp
@@ -0,0 +1,18 @@
+//===-- DummyDemanglerFuzzer.cpp - Entry point to sanity check the fuzzer -===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+// Implementation of main so we can build and test without linking libFuzzer.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/FuzzMutate/FuzzerCLI.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
+int main(int argc, char *argv[]) {
+ return llvm::runFuzzerOnInputs(argc, argv, LLVMFuzzerTestOneInput);
+}
diff --git a/llvm/tools/llvm-dlang-demangle-fuzzer/llvm-dlang-demangle-fuzzer.cpp b/llvm/tools/llvm-dlang-demangle-fuzzer/llvm-dlang-demangle-fuzzer.cpp
new file mode 100644
index 000000000000..16175af9f233
--- /dev/null
+++ b/llvm/tools/llvm-dlang-demangle-fuzzer/llvm-dlang-demangle-fuzzer.cpp
@@ -0,0 +1,19 @@
+//===--- llvm-dlang-demangle-fuzzer.cpp - Fuzzer for the DLang Demangler --===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/Demangle/Demangle.h"
+#include
+#include
+#include
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ std::string NullTerminatedString((const char *)Data, Size);
+ char *Demangled = llvm::dlangDemangle(NullTerminatedString.c_str());
+ std::free(Demangled);
+ return 0;
+}
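Review bot: The prototype `extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);` spells `uint8_t` and `size_t` with no `<cstdint>`/`<cstddef>` include of its own, so this file compiles only as long as `FuzzerCLI.h` keeps pulling those headers in transitively. Adding `#include <cstddef>` and `#include <cstdint>` above the declaration makes the dependency explicit and keeps the file building if that header is ever trimmed. A one-line comment above the prototype, `// libFuzzer entry point; defined in llvm-dlang-demangle-fuzzer.cpp.`, would also tell the reader where the symbol lives, since nothing in this file says so.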
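Review bot: The demangled buffer is freed without ever being read (`std::free(Demangled)` immediately follows the `llvm::dlangDemangle` call), so an output that comes back without a terminating NUL would likely go undetected by this harness under ASan; touching it first, `if (Demangled) (void)std::strlen(Demangled);`, turns that class of bug into an observable out-of-bounds read. The three `#include` lines have lost their header names in this rendering, so I cannot tell whether `<cstring>` is already among them. The `(const char *)Data` cast on the `std::string` line is better written as `reinterpret_cast<const char *>(Data)` so the intent is visible. Inputs containing an embedded NUL are silently cut at `c_str()`, which is correct for a C-string API but worth stating next to the constructor: `// Bytes after an embedded NUL never reach dlangDemangle (C-string API).`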