[libc-commits] [libc] [libc] Fix issue with fuzz input too short for atoi diff fuzz (PR #161705)
Michael Jones via libc-commits
libc-commits at lists.llvm.org
Thu Oct 2 10:30:09 PDT 2025
https://github.com/michaelrj-google created https://github.com/llvm/llvm-project/pull/161705
The string to integer differential fuzzer assumes at least one byte of
meaningful input, but wasn't explicitly checking that. Now it does.
From 54645e8ce43ce84e275a65c77f64a4d6e479b075 Mon Sep 17 00:00:00 2001
From: Michael Jones <michaelrj at google.com>
Date: Thu, 2 Oct 2025 17:28:03 +0000
Subject: [PATCH] [libc] Fix issue with fuzz input too short for atoi diff fuzz
The string to integer differential fuzzer assumes at least one byte of
meaningful input, but wasn't explicitly checking that. Now it does.
---
libc/fuzzing/stdlib/strtointeger_differential_fuzz.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libc/fuzzing/stdlib/strtointeger_differential_fuzz.cpp b/libc/fuzzing/stdlib/strtointeger_differential_fuzz.cpp
index 097e6193ee6ef..2fabbba231167 100644
--- a/libc/fuzzing/stdlib/strtointeger_differential_fuzz.cpp
+++ b/libc/fuzzing/stdlib/strtointeger_differential_fuzz.cpp
@@ -44,6 +44,10 @@
// greater than 50% chance for each character to end the string, making the odds
// of getting long numbers very low.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size < 2) // Needs at least one byte for the base and one byte for the
+ // string.
+ return 0;
+
uint8_t *container = new uint8_t[size + 1];
if (!container)
__builtin_trap();
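Review bot: The new guard at the top of LLVMFuzzerTestOneInput puts a wrapped trailing comment between the unbraced `if (size < 2)` and its `return 0;`, which makes the early return easy to misread as a separate statement. Consider moving the comment onto its own line above the `if`, for example `// Needs at least one byte for the base and one byte for the string.` followed by `if (size < 2)` and `return 0;`. The code that consumes the base byte and the string is outside this hunk, so it is worth confirming that 2 is the actual minimum those reads require. The check is placed before `new uint8_t[size + 1]`, so the early return does not leak the container, which is the right ordering.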