I'm trying to apply the LLVM fuzzer to my function, which might take some very complicated nested Google protobuf as arguments, to find possible crashes.
The testing code is shown below:
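    #include <cstddef>
    #include <cstdint>
    // Also include the generated header that declares MyProtoBufferType
    // and the header that declares myFunction.

    extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        MyProtoBufferType proto;
        if (!proto.ParseFromArray(data, size)) {
            // Handle parse error if necessary
            return 0;
        }
        // Call your function with the populated protobuf object
        myFunction(proto);
        return 0;
    }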
My question is:
How could proto.ParseFromArray(data, size) succeed? It should be extremely hard for the data to be parsed into my proto structure correctly (or I'm not sure if the correctness is not important under this circumstance), right? Is there a more recommended approach for my situation?
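An added example, not part of the original post: a simplified check of the protobuf wire-format framing (tag varint, then a payload sized by wire type) that any input must satisfy before ParseFromArray can accept it, run over constructed byte strings. ReadVarint and LooksLikeWireFormat are hypothetical helpers; the sketch ignores the message schema, rejects group wire types, and does not model required fields or string encoding checks.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical helper: decode one base-128 varint (at most 10 bytes).
static bool ReadVarint(const uint8_t *p, size_t n, size_t *pos, uint64_t *out) {
  uint64_t v = 0;
  for (int shift = 0; shift < 70; shift += 7) {
    if (*pos >= n) return false;  // truncated
    uint8_t b = p[(*pos)++];
    v |= static_cast<uint64_t>(b & 0x7f) << shift;
    if (!(b & 0x80)) { *out = v; return true; }
  }
  return false;  // continuation bit still set after 10 bytes
}

// Hypothetical helper: true if buf is a well-framed run of top-level fields.
// Simplified: no schema, groups (wire types 3/4) rejected, payloads not inspected.
bool LooksLikeWireFormat(const uint8_t *buf, size_t n) {
  size_t pos = 0;
  while (pos < n) {
    uint64_t tag = 0, v = 0;
    if (!ReadVarint(buf, n, &pos, &tag)) return false;
    if ((tag >> 3) == 0) return false;  // field number 0 is never valid
    switch (tag & 7) {                  // low 3 bits of the tag = wire type
      case 0: if (!ReadVarint(buf, n, &pos, &v)) return false; break;  // varint
      case 1: if (n - pos < 8) return false; pos += 8; break;          // fixed64
      case 2:                                                          // length-delimited
        if (!ReadVarint(buf, n, &pos, &v) || v > n - pos) return false;
        pos += static_cast<size_t>(v);
        break;
      case 5: if (n - pos < 4) return false; pos += 4; break;          // fixed32
      default: return false;
    }
  }
  return true;  // an empty buffer has no fields, so nothing is rejected
}

// Constructed sample inputs.
static const uint8_t kVarint[] = {0x08, 0x96, 0x01};          // field 1 = 150
static const uint8_t kBytes[] = {0x12, 0x03, 'a', 'b', 'c'};  // field 2 = "abc"
static const uint8_t kTruncated[] = {0x12, 0x05, 'a'};        // claims 5 bytes, has 1
static const uint8_t kFieldZero[] = {0x00, 0x01};             // field number 0

int main() {
  std::printf("empty=%d varint=%d bytes=%d truncated=%d field0=%d\n",
              LooksLikeWireFormat(nullptr, 0), LooksLikeWireFormat(kVarint, 3),
              LooksLikeWireFormat(kBytes, 5), LooksLikeWireFormat(kTruncated, 3),
              LooksLikeWireFormat(kFieldZero, 2));
}
```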