<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Sun, May 29, 2016 at 2:25 PM, David Blaikie via llvm-commits <span dir="ltr"><<a href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span class="gmail-">On Sun, May 29, 2016 at 10:09 AM, David Majnemer <span dir="ltr"><<a href="mailto:david.majnemer@gmail.com">david.majnemer@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr">Not really; I have no way to reduce the test down to something reasonable. I'd rather not see the LLVM repo become a collection of large, malformed PDB files.</div></blockquote><div><br></div></span><div>Other ideas for how we ensure we don't regress the functionality you're adding? Sounds like this sort of idea is what Kostya has in mind for libFuzzer use - a corpus of interesting inputs that grows when bugs are fixed so the corpus can be run directly for regression testing, and used as input to the fuzzer for bug finding. Perhaps we need to formalize something like that for this sort of work?</div></div></div></div></blockquote><div><br></div><div>If someone creates a fuzz target (similar to e.g. tools/clang/tools/clang-fuzzer/ClangFuzzer.cpp) it will be straightforward to add such a fuzzer to the <a href="http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fuzzer/builds/9533">fuzzing bot</a>. </div><div>The only question is whether someone will care to fix the bugs -- the clang and clang-format fuzzers have been red for many months. 
</div><div><br></div><div>--kcc </div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div><div class="gmail-h5"><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, May 29, 2016 at 9:25 AM, David Blaikie <span dir="ltr"><<a href="mailto:dblaikie@gmail.com">dblaikie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr">Any chance of test cases for all this error handling being added?</div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, May 28, 2016 at 12:45 PM, David Majnemer via llvm-commits <span dir="ltr"><<a href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">Author: majnemer<br>
Date: Sat May 28 14:45:49 2016<br>
New Revision: 271139<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=271139&view=rev" rel="noreferrer">http://llvm.org/viewvc/llvm-project?rev=271139&view=rev</a><br>
Log:<br>
[llvm-readobj] Validate the string table offset before using it<br>
<br>
Modified:<br>
    llvm/trunk/tools/llvm-readobj/COFFDumper.cpp<br>
<br>
Modified: llvm/trunk/tools/llvm-readobj/COFFDumper.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-readobj/COFFDumper.cpp?rev=271139&r1=271138&r2=271139&view=diff" rel="noreferrer">http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-readobj/COFFDumper.cpp?rev=271139&r1=271138&r2=271139&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/tools/llvm-readobj/COFFDumper.cpp (original)<br>
+++ llvm/trunk/tools/llvm-readobj/COFFDumper.cpp Sat May 28 14:45:49 2016<br>
@@ -794,14 +794,20 @@ void COFFDumper::printCodeViewSymbolSect<br>
       while (!Contents.empty()) {<br>
         const FrameData *FD;<br>
         error(consumeObject(Contents, FD));<br>
+<br>
+        if (FD->FrameFunc >= CVStringTable.size())<br>
+          error(object_error::parse_failed);<br>
+<br>
+        StringRef FrameFunc =<br>
+            CVStringTable.drop_front(FD->FrameFunc).split('\0').first;<br>
+<br>
         DictScope S(W, "FrameData");<br>
         W.printHex("RvaStart", FD->RvaStart);<br>
         W.printHex("CodeSize", FD->CodeSize);<br>
         W.printHex("LocalSize", FD->LocalSize);<br>
         W.printHex("ParamsSize", FD->ParamsSize);<br>
         W.printHex("MaxStackSize", FD->MaxStackSize);<br>
-        W.printString("FrameFunc",<br>
-                      CVStringTable.drop_front(FD->FrameFunc).split('\0').first);<br>
+        W.printString("FrameFunc", FrameFunc);<br>
         W.printHex("PrologSize", FD->PrologSize);<br>
         W.printHex("SavedRegsSize", FD->SavedRegsSize);<br>
         W.printFlags("Flags", FD->Flags, makeArrayRef(FrameDataFlags));<br>
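Review bot: the `>=` bound in the new check is the right one (an offset equal to `CVStringTable.size()` leaves nothing to read, so it is rejected along with anything past the end), but the hunk lands with no regression test for the malformed case, which is exactly what the thread is asking about; a minimal object with an out-of-range `FrameFunc` offset, or a corpus entry for a fuzz target, would keep this check from silently regressing. The hoisted `split('\0').first` still returns the whole remainder when the table has no terminating NUL, which stays in-bounds, so no further check is needed there.<br>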
<br>
<br>
_______________________________________________<br>
llvm-commits mailing list<br>
<a href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a><br>
<a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits" rel="noreferrer">http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits</a><br>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div></div></div><br></div></div>
<br></blockquote></div><br></div></div>
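As an added example (not LLVM's code, and not from anyone on this thread), the pattern the commit applies, validating a string-table offset before indexing with it, written against the standard library so it compiles stand-alone, together with a libFuzzer-style entry point of the kind Kostya describes. The FrameData layout, the input framing, and all names here are hypothetical; where llvm-readobj's `error()` aborts the dump, this stand-in returns an empty optional and counts the rejected record instead, so a fuzzer can keep exercising the rest of the input.

```cpp
#include <cstdint>
#include <cstring>
#include <optional>
#include <string>
#include <string_view>
#include <vector>

// Hypothetical stand-in for the CodeView FrameData record; only the field the
// commit touches is modelled.
struct FrameData {
  uint32_t FrameFunc; // byte offset into the string table, attacker-controlled
};

// Mirrors the patched logic: reject offsets at or past the end of the table,
// then take the NUL-terminated string that starts at the offset. The unpatched
// form called drop_front(offset) unconditionally, which reads past the table
// for any offset larger than its size.
std::optional<std::string_view> lookupFrameFunc(std::string_view table,
                                                uint32_t offset) {
  if (offset >= table.size())
    return std::nullopt; // the new check from the hunk
  std::string_view rest = table.substr(offset);
  size_t nul = rest.find('\0'); // split('\0').first
  return rest.substr(0, nul);   // npos -> whole remainder, like StringRef::split
}

// Consume one FrameData record from the front of a byte buffer; returns false
// when too few bytes remain (the error(consumeObject(...)) path).
bool consumeFrameData(std::string_view &contents, FrameData &fd) {
  if (contents.size() < sizeof(FrameData))
    return false;
  std::memcpy(&fd, contents.data(), sizeof(FrameData));
  contents.remove_prefix(sizeof(FrameData));
  return true;
}

// Outcome of walking the records: how many resolved, how many were rejected by
// the bounds check, and whether the record stream itself was truncated.
struct DumpStats {
  size_t ok = 0;
  size_t badOffset = 0;
  size_t truncated = 0;
  std::vector<std::string> names;
};

DumpStats dumpFrameData(std::string_view table, std::string_view contents) {
  DumpStats st;
  while (!contents.empty()) {
    FrameData fd;
    if (!consumeFrameData(contents, fd)) {
      st.truncated++;
      break;
    }
    if (auto name = lookupFrameFunc(table, fd.FrameFunc)) {
      st.ok++;
      st.names.emplace_back(*name);
    } else {
      st.badOffset++; // would be error(object_error::parse_failed) in the tool
    }
  }
  return st;
}

// libFuzzer-style entry point (hypothetical framing): the first 4 bytes give
// the string-table length, then the table bytes, then FrameData records.
// Every offset the fuzzer invents flows through lookupFrameFunc's check.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  if (size < 4)
    return 0;
  uint32_t tableLen;
  std::memcpy(&tableLen, data, 4);
  std::string_view rest(reinterpret_cast<const char *>(data) + 4, size - 4);
  if (tableLen > rest.size())
    return 0; // the table itself must lie inside the input
  dumpFrameData(rest.substr(0, tableLen), rest.substr(tableLen));
  return 0;
}
```

Built with `-fsanitize=fuzzer`, the entry point is all a corpus-driven regression run needs; the same inputs that once crashed the unchecked `drop_front` become fixed test cases, which is the corpus-as-regression-suite idea raised above.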