examples/ubsan_int_overflow_fuzz_test.cc - third_party/github/bazelbuild/rules_fuzzing - Git at Google

 // Copyright 2020 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //    https://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 // A fuzz target that triggers a signed integer overflow, which is undefined
 // behavior and detected by UBSAN's signed-integer-overflow check.

 #include <cstddef>
 #include <cstdint>

 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   if (size == 0) {
     return 0;
   }
   int k = 0x7fffffff;
   k += data[0];
   // Use k.
   return k & 0;
 }
	// Copyright 2020 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// https://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	// A fuzz target that triggers a signed integer overflow, which is undefined
	// behavior and detected by UBSAN's signed-integer-overflow check.

	#include <cstddef>
	#include <cstdint>

	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
	if (size == 0) {
	return 0;
	}
	int k = 0x7fffffff;
	k += data[0];
	// Use k.
	return k & 0;
	}