[libc-commits] [libc] 4ffe2b2 - [libc] Add fuzz test for strcmp.

via libc-commits libc-commits at lists.llvm.org
Tue Jun 23 04:25:37 PDT 2020 

Author: cgyurgyik
Date: 2020-06-23T07:24:03-04:00
New Revision: 4ffe2b24f5c7a856e607370e1e559e4c94803809

URL: https://github.com/llvm/llvm-project/commit/4ffe2b24f5c7a856e607370e1e559e4c94803809
DIFF: https://github.com/llvm/llvm-project/commit/4ffe2b24f5c7a856e607370e1e559e4c94803809.diff

LOG: [libc] Add fuzz test for strcmp.

Summary:
Adds a fuzz test for string comparison.

This takes in two strings with associated lengths.
Verifies each string contains at least one character, and that the last character is the null terminator.
Then, finds the first instance where one of the following does not hold:
1. i < min(size1, size2)
2. s1[i] == s2[i]
3. s1[i] != '\0'

The result of strcmp is then compared to the value of the difference between s1[i] and s2[i]. For thoroughness, the operands are reversed and also checked.

Reviewers: sivachandra, PaulkaToast

Reviewed By: sivachandra, PaulkaToast

Subscribers: mgorny, tschuett, ecnelises, libc-commits

Tags: #libc-project

Differential Revision: https://reviews.llvm.org/D82247

Added: 
    

Modified: 
    libc/fuzzing/string/strcmp_fuzz.cpp

Removed: 
    


################################################################################
diff  --git a/libc/fuzzing/string/strcmp_fuzz.cpp b/libc/fuzzing/string/strcmp_fuzz.cpp
index 14c6e4d10e71..6ba8440642ce 100644
--- a/libc/fuzzing/string/strcmp_fuzz.cpp
+++ b/libc/fuzzing/string/strcmp_fuzz.cpp
@@ -10,7 +10,6 @@
 ///
 //===----------------------------------------------------------------------===//
 #include "src/string/strcmp.h"
-#include <algorithm>
 #include <stdint.h>
 
 extern "C" int LLVMFuzzerTestTwoInputs(const uint8_t *data1, size_t size1,
@@ -25,15 +24,17 @@ extern "C" int LLVMFuzzerTestTwoInputs(const uint8_t *data1, size_t size1,
   const char *s1 = reinterpret_cast<const char *>(data1);
   const char *s2 = reinterpret_cast<const char *>(data2);
 
-  const size_t minimum_size = std::min(size1, size2);
+  const size_t minimum_size = size1 < size2 ? size1 : size2;
 
   // Iterate through until either the minimum size is hit,
   // a character is the null terminator, or the first set
   // of 
diff ered bytes between s1 and s2 are found.
   // No bytes following a null byte should be compared.
   size_t i;
-  for (i = 0; i < minimum_size && s1[i] && s1[i] == s2[i]; ++i)
-    ;
+  for (i = 0; i < minimum_size; ++i) {
+    if (!s1[i] || s1[i] != s2[i])
+      break;
+  }
 
   int expected_result = s1[i] - s2[i];
   int actual_result = __llvm_libc::strcmp(s1, s2);

More information about the libc-commits mailing list