[llvm] r254558 - Libfuzzer: do not pass null into user function

David Blaikie via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 2 21:39:23 PST 2015


I think maybe this came up in the code review, but I'm still confused:

Why is it significant to make the Data pointer non-null if the size is
zero? The implementation shouldn't care what value the Data pointer has if
it's been told that it points to zero valid bytes, no?

On Wed, Dec 2, 2015 at 2:43 PM, Mike Aizatsky via llvm-commits <
llvm-commits at lists.llvm.org> wrote:

> Author: aizatsky
> Date: Wed Dec  2 16:43:53 2015
> New Revision: 254558
>
> URL: http://llvm.org/viewvc/llvm-project?rev=254558&view=rev
> Log:
> Libfuzzer: do not pass null into user function
>
> Differential Revision: http://reviews.llvm.org/D15098
>
> Modified:
>     llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
>     llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
>
> Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=254558&r1=254557&r2=254558&view=diff
>
> ==============================================================================
> --- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
> +++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Wed Dec  2 16:43:53 2015
> @@ -238,7 +238,11 @@ void Fuzzer::RunOneAndUpdateCorpus(Unit
>  }
>
>  void Fuzzer::ExecuteCallback(const Unit &U) {
> -  int Res = USF.TargetFunction(U.data(), U.size());
> +  const uint8_t *Data = U.data();
> +  uint8_t EmptyData;
> +  if (!Data)
> +    Data = &EmptyData;
> +  int Res = USF.TargetFunction(Data, U.size());
>    (void)Res;
>    assert(Res == 0);
>  }
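Review bot: `uint8_t EmptyData;` in ExecuteCallback is left uninitialized, and nothing in the hunk explains why a null `Data` is being replaced. `U.size()` is still passed through unchanged, so a target that wrongly reads `Data[0]` for an empty unit now reads an indeterminate stack byte instead of dereferencing null. Suggest `uint8_t EmptyData = 0;` plus a one-line comment stating the contract being established: the target always receives a non-null pointer, even when the size is 0.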
>
> Modified: llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp?rev=254558&r1=254557&r2=254558&view=diff
>
> ==============================================================================
> --- llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp (original)
> +++ llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp Wed Dec  2 16:43:53 2015
> @@ -1,4 +1,5 @@
>  // Simple test for a fuzzer. The fuzzer must find the string "Hi!".
> +#include <assert.h>
>  #include <cstdint>
>  #include <cstdlib>
>  #include <cstddef>
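Review bot: The added include uses the C spelling `<assert.h>`, while the three includes directly below it use the C++ forms (`<cstdint>`, `<cstdlib>`, `<cstddef>`). Suggest `#include <cassert>` for consistency within this file.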
> @@ -7,6 +8,7 @@
>  static volatile int Sink;
>
>  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
> +  assert(Data);
>    if (Size > 0 && Data[0] == 'H') {
>      Sink = 1;
>      if (Size > 1 && Data[1] == 'i') {
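Review bot: `assert(Data);` at the top of LLVMFuzzerTestOneInput is the only check in this test that the non-null guarantee holds, and it is compiled out when NDEBUG is defined, so a build with assertions disabled would still pass if null were handed to the target again. Suggest a check that survives such builds, for example `if (!Data) abort();` (`<cstdlib>` is already included), and a short comment saying the check exists for the empty-input case.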
>
>