[llvm] r254558 - Libfuzzer: do not pass null into user function

Mike Aizatsky via llvm-commits llvm-commits at lists.llvm.org
Thu Dec 3 10:59:19 PST 2015


We don't want to enforce this contract on user fuzzer functions. While some
people find it reasonable, others prefer to add assert(ptr) to their code.


On Wed, Dec 2, 2015 at 9:39 PM David Blaikie <dblaikie at gmail.com> wrote:

> I think maybe this came up in the code review, but I'm still confused:
>
> Why is it significant to make the Data pointer non-null if the size is
> zero? The implementation shouldn't care what value the Data pointer has if
> it's been told that it points to zero valid bytes, no?
>
>
> On Wed, Dec 2, 2015 at 2:43 PM, Mike Aizatsky via llvm-commits <
> llvm-commits at lists.llvm.org> wrote:
>
>> Author: aizatsky
>> Date: Wed Dec  2 16:43:53 2015
>> New Revision: 254558
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=254558&view=rev
>> Log:
>> Libfuzzer: do not pass null into user function
>>
>> Differential Revision: http://reviews.llvm.org/D15098
>>
>> Modified:
>>     llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
>>     llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
>>
>> Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=254558&r1=254557&r2=254558&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
>> +++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Wed Dec  2 16:43:53 2015
>> @@ -238,7 +238,11 @@ void Fuzzer::RunOneAndUpdateCorpus(Unit
>>  }
>>
>>  void Fuzzer::ExecuteCallback(const Unit &U) {
>> -  int Res = USF.TargetFunction(U.data(), U.size());
>> +  const uint8_t *Data = U.data();
>> +  uint8_t EmptyData;
>> +  if (!Data)
>> +    Data = &EmptyData;
>> +  int Res = USF.TargetFunction(Data, U.size());
>>    (void)Res;
>>    assert(Res == 0);
>>  }
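Review bot: The `if (!Data) Data = &EmptyData;` fallback in ExecuteCallback has no comment saying why a non-null pointer is substituted when the unit is empty, and `EmptyData` is never initialized. A target that mistakenly reads `Data[0]` when `U.size()` is 0 would then read an indeterminate stack byte rather than dereference null. Suggest a one-line comment stating that user callbacks may assert on a non-null `Data` even for empty inputs, plus a note that the byte behind the pointer must not be read.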
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp?rev=254558&r1=254557&r2=254558&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp (original)
>> +++ llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp Wed Dec  2 16:43:53 2015
>> @@ -1,4 +1,5 @@
>>  // Simple test for a fuzzer. The fuzzer must find the string "Hi!".
>> +#include <assert.h>
>>  #include <cstdint>
>>  #include <cstdlib>
>>  #include <cstddef>
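Review bot: Style point on the added `#include <assert.h>`: the neighbouring includes in this file use the C++ header forms (`<cstdint>`, `<cstdlib>`, `<cstddef>`), so `<cassert>` would match them.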
>> @@ -7,6 +8,7 @@
>>  static volatile int Sink;
>>
>>  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
>> +  assert(Data);
>>    if (Size > 0 && Data[0] == 'H') {
>>      Sink = 1;
>>      if (Size > 1 && Data[1] == 'i') {
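Review bot: The added `assert(Data);` at the top of LLVMFuzzerTestOneInput only checks anything when assertions are enabled; in a build with NDEBUG defined it compiles to nothing and the test no longer covers the new non-null behaviour. Suggest an explicit check such as `if (!Data) abort();` (`<cstdlib>` is already included), and a short comment that the check exists to cover the empty-input case.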
>>
>>