[PATCH] D60008: Use binary write mode in WriteToFile function to avoid appended \r characters on Windows

tuktuk via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Mar 29 16:20:08 PDT 2019


tuktuk added a comment.

In D60008#1448260 <https://reviews.llvm.org/D60008#1448260>, @vitalybuka wrote:

> Oh, can you add a test so it fails without the patch on Windows?


Hello,

I am happy to provide a simple example but I do not know the code base enough to turn it into a test.

With the following fuzz target:

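  // fuzz_target.cc
  #include <cstddef>
  #include <cstdint>
  
  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
  {
    // Trap when the input starts with a newline; Size guards the empty input.
    if (Size > 0 && Data[0] == '\n') {
      __builtin_trap();
    }
    return 0;
  }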

The produced crash is not reproducible:

  >"C:\Program Files\LLVM\bin\clang++.exe" -fsanitize=address,fuzzer 
  fuzz_target.cc -o fuzzer.exe
  
  > fuzzer.exe
  SUMMARY: libFuzzer: deadly signal
  Test unit written to ./crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
  Base64: Cg==
  
  > fuzzer.exe crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
  Running: crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
  Executed crash-adc83b19e793491b1c6ea0fd8b46cd9f32e592fc in 2 ms
  ***
  *** NOTE: fuzzing was not performed, you have only
  ***       executed the target code on a fixed set of inputs.
  ***

Indeed the contents of the produced file are "\r\n", not "\n".

The expected result is the one obtained with the following fuzz target:

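  // fuzz_target.cc
  #include <cstddef>
  #include <cstdint>
  
  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
  {
    // Trap when the input starts with 'a'; Size guards the empty input.
    if (Size > 0 && Data[0] == 'a') {
      __builtin_trap();
    }
    return 0;
  }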

The produced crash is reproducible as expected:

  > "C:\Program Files\LLVM\bin\clang++.exe" -fsanitize=address,fuzzer 
  fuzz_target.cc -o fuzzer.exe
  
  > fuzzer.exe
  SUMMARY: libFuzzer: deadly signal
  Test unit written to ./crash-86f7e437faa5a7fce15d1ddcb9eaeaea377667b8
  Base64: YQ==
  
  >fuzzer.exe crash-86f7e437faa5a7fce15d1ddcb9eaeaea377667b8
  fuzzer: Running 1 inputs 1 time(s) each.
  Running: crash-86f7e437faa5a7fce15d1ddcb9eaeaea377667b8
  ==12580== ERROR: libFuzzer: deadly signal 


Repository:
  rCRT Compiler Runtime

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D60008/new/

https://reviews.llvm.org/D60008
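
A round-trip check of the kind requested in the review, as an added example (not part of the original message and not libFuzzer's own code): it writes a unit containing '\n', reads it back byte-for-byte, and compares. `WriteUnit`, `ReadUnit`, `EmulateTextModeWrite` and `RoundTrips` are hypothetical names; the emulation stands in for Windows text-mode output so the effect is visible on other hosts.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

using Unit = std::vector<uint8_t>;

// Write a unit with the given fopen mode ("w" = text, "wb" = binary).
static bool WriteUnit(const std::string &Path, const Unit &U, const char *Mode) {
  FILE *Out = std::fopen(Path.c_str(), Mode);
  if (!Out) return false;
  size_t N = std::fwrite(U.data(), 1, U.size(), Out);
  return std::fclose(Out) == 0 && N == U.size();
}

// Read the file back byte-for-byte (binary mode, no translation).
static Unit ReadUnit(const std::string &Path) {
  Unit U;
  FILE *In = std::fopen(Path.c_str(), "rb");
  if (!In) return U;
  int C;
  while ((C = std::fgetc(In)) != EOF) U.push_back(static_cast<uint8_t>(C));
  std::fclose(In);
  return U;
}

// Emulation (assumption for non-Windows hosts): text-mode output on Windows
// turns every '\n' into "\r\n".
static Unit EmulateTextModeWrite(const Unit &U) {
  Unit Out;
  for (uint8_t B : U) {
    if (B == '\n') Out.push_back('\r');
    Out.push_back(B);
  }
  return Out;
}

// True when a unit survives write + read unchanged.
static bool RoundTrips(const Unit &U, const char *Mode) {
  const std::string Path = "roundtrip-unit.tmp";  // constructed scratch file name
  bool Ok = WriteUnit(Path, U, Mode) && ReadUnit(Path) == U;
  std::remove(Path.c_str());
  return Ok;
}

int main() {
  const Unit Crash = {'\n'};  // constructed input, same byte as the crash unit above
  std::printf("binary mode round-trips: %d\n", RoundTrips(Crash, "wb"));
  std::printf("text mode round-trips:   %d (0 on Windows)\n", RoundTrips(Crash, "w"));
  return 0;
}
```
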




