honggfuzz-pg.patch

diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
index cb5a96117f6..4545f479647 100644
--- a/src/backend/tcop/postgres.c
+++ b/src/backend/tcop/postgres.c
@@ -193,6 +193,39 @@ static void log_disconnections(int code, Datum arg);
 static void enable_statement_timeout(void);
 static void disable_statement_timeout(void);
 
+/*
+ * Honggfuzz support
+ */
+static bool fuzzMode; /* are we running under honggfuzz? */
+
+static void fuzz_iter(void);
+
+#define COPY_FUZZ_INPUT_PATH "/tmp/fuzz.data"
+
+static char *fuzzquery = "COPY copytest FROM '" COPY_FUZZ_INPUT_PATH "'";
+
+extern int HF_ITER(uint8_t** buf, size_t* len);
+
+/*
+ * Read next input from fuzzer, and write it to temp file where COPY FROM can
+ * find it.
+ */
+static void
+fuzz_iter()
+{
+	FILE	   *fp;
+	uint8_t	   *data;
+	size_t		len;
+
+	HF_ITER(&data, &len);
+
+	fp = fopen(COPY_FUZZ_INPUT_PATH, "w");
+	if (!fp)
+		elog(PANIC, "could not open \"%s\" for writing: %m", COPY_FUZZ_INPUT_PATH);
+	fwrite(data, len, 1, fp);
+	fclose(fp);
+}
+
 
 /* ----------------------------------------------------------------
  *		routines to obtain user input
@@ -507,6 +540,18 @@ ReadCommand(StringInfo inBuf)
 {
 	int			result;
 
+	/* If we're fuzzing, get next input from the fuzzer */
+	if (fuzzMode)
+	{
+		fuzz_iter();
+
+		resetStringInfo(inBuf);
+		appendStringInfoString(inBuf, fuzzquery);
+		/* Add '\0' to make it look the same as message case. */
+		appendStringInfoChar(inBuf, (char) '\0');
+		return 'Q';
+	}
+
 	if (whereToSendOutput == DestRemote)
 		result = SocketBackend(inBuf);
 	else
@@ -3598,6 +3643,14 @@ process_postgres_switches(int argc, char *argv[], GucContext ctx,
 			argv++;
 			argc--;
 		}
+
+		/* Recognize --fuzz option, to read input from honggfuzz */
+		if (argc > 1 && strcmp(argv[1], "--fuzz") == 0)
+		{
+			argv++;
+			argc--;
+			fuzzMode = true;
+		}
 	}
 	else
 	{