diff options
author | Maria Kustova <maxa@catit.be> | 2014-08-19 16:25:12 +0400 |
---|---|---|
committer | Stefan Hajnoczi <stefanha@redhat.com> | 2014-09-22 11:39:36 +0100 |
commit | 2e5be6b77ef428df9088a5d01586cd0cd0b1a107 (patch) | |
tree | d9069fef111ec19bf2b713b2e251fe48bdd7a13a | |
parent | 56271efdeaa9d01cff9d82c4b8b2ab73152fe1ea (diff) | |
download | qemu-2e5be6b77ef428df9088a5d01586cd0cd0b1a107.tar.gz qemu-2e5be6b77ef428df9088a5d01586cd0cd0b1a107.tar.bz2 qemu-2e5be6b77ef428df9088a5d01586cd0cd0b1a107.zip |
fuzz: Add fuzzing functions for entries of refcount table and blocks
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Maria Kustova <maria.k@catit.be>
Message-id: c9f4027b6f401c67e9d18f94aed29be445e81d48.1408450493.git.maria.k@catit.be
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-rw-r--r-- | tests/image-fuzzer/qcow2/fuzz.py | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/tests/image-fuzzer/qcow2/fuzz.py b/tests/image-fuzzer/qcow2/fuzz.py index 404b439f48..20eba6bc1b 100644 --- a/tests/image-fuzzer/qcow2/fuzz.py +++ b/tests/image-fuzzer/qcow2/fuzz.py @@ -18,8 +18,8 @@ import random - UINT8 = 0xff +UINT16 = 0xffff UINT32 = 0xffffffff UINT64 = 0xffffffffffffffff # Most significant bit orders @@ -28,6 +28,8 @@ UINT64_M = 63 # Fuzz vectors UINT8_V = [0, 0x10, UINT8/4, UINT8/2 - 1, UINT8/2, UINT8/2 + 1, UINT8 - 1, UINT8] +UINT16_V = [0, 0x100, 0x1000, UINT16/4, UINT16/2 - 1, UINT16/2, UINT16/2 + 1, + UINT16 - 1, UINT16] UINT32_V = [0, 0x100, 0x1000, 0x10000, 0x100000, UINT32/4, UINT32/2 - 1, UINT32/2, UINT32/2 + 1, UINT32 - 1, UINT32] UINT64_V = UINT32_V + [0x1000000, 0x10000000, 0x100000000, UINT64/4, @@ -351,3 +353,15 @@ def l2_entry(current): value = offset + (is_cow << UINT64_M) + \ (is_compressed << UINT64_M - 1) + is_zero return value + + +def refcount_table_entry(current): + """Fuzz an entry of the refcount table.""" + constraints = UINT64_V + return selector(current, constraints) + + +def refcount_block_entry(current): + """Fuzz an entry of a refcount block.""" + constraints = UINT16_V + return selector(current, constraints) |