[llvm-bugs] [Bug 51739] New: Other APIs can be used after FuzzedDataProvider::ConsumeRemainingBytes
via llvm-bugs
llvm-bugs at lists.llvm.org
Fri Sep 3 14:58:23 PDT 2021
https://bugs.llvm.org/show_bug.cgi?id=51739
Bug ID: 51739
Summary: Other APIs can be used after
FuzzedDataProvider::ConsumeRemainingBytes
Product: compiler-rt
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: compiler-rt
Assignee: unassignedbugs at nondot.org
Reporter: smoreland at google.com
CC: llvm-bugs at lists.llvm.org
We had a recent bug in a fuzzer where ConsumeBool was called after
ConsumeRemainingBytes, discovered by devinmoore at google.com by viewing fuzzer
coverage information. Would it make sense for ConsumeRemainingBytes to put the
fuzzed data provider in an invalid state such that additional calls to read
data from the fuzzer result in an abort? Any path where Consume* follows
ConsumeRemainingBytes means that certain coverage is impossible.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210903/0eb382d3/attachment-0001.html>
More information about the llvm-bugs
mailing list