1 // Copyright 2022 Code Intelligence GmbH
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include <cstdint>
16 #include <cstring>
17
18 #include "com_example_NativeValueProfileFuzzer.h"
19
20 // Prevent the compiler from inlining the secret all the way into checkAccess,
21 // which would make it trivial for the fuzzer to pass the checks.
22 volatile uint64_t secret = 0xefe4eb93215cb6b0L;
23
insecureEncrypt(uint64_t input)24 static uint64_t insecureEncrypt(uint64_t input) { return input ^ secret; }
25
Java_com_example_NativeValueProfileFuzzer_checkAccess(JNIEnv *,jclass,jlong block1,jlong block2)26 jboolean Java_com_example_NativeValueProfileFuzzer_checkAccess(JNIEnv *, jclass,
27 jlong block1,
28 jlong block2) {
29 if (insecureEncrypt(block1) == 0x9fc48ee64d3dc090L) {
30 if (insecureEncrypt(block2) == 0x888a82ff483ad9c2L) {
31 return true;
32 }
33 }
34 return false;
35 }
36