[llvm] r289467 - [libFuzzer] respect -max_len during merge

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Mon Dec 12 12:39:36 PST 2016


Author: kcc
Date: Mon Dec 12 14:39:35 2016
New Revision: 289467

URL: http://llvm.org/viewvc/llvm-project?rev=289467&view=rev
Log:
[libFuzzer] respect -max_len during merge

Modified:
    llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
    llvm/trunk/lib/Fuzzer/FuzzerMerge.cpp
    llvm/trunk/lib/Fuzzer/test/merge.test

Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=289467&r1=289466&r2=289467&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Mon Dec 12 14:39:35 2016
@@ -638,7 +638,8 @@ void Fuzzer::Merge(const std::vector<std
 
   assert(MaxInputLen > 0);
   UnitVector Initial, Extra;
-  ReadDirToVectorOfUnits(Corpora[0].c_str(), &Initial, nullptr, MaxInputLen, true);
+  ReadDirToVectorOfUnits(Corpora[0].c_str(), &Initial, nullptr, MaxInputLen,
+                         true);
   for (auto &C : ExtraCorpora)
     ReadDirToVectorOfUnits(C.c_str(), &Extra, nullptr, MaxInputLen, true);
 

Modified: llvm/trunk/lib/Fuzzer/FuzzerMerge.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerMerge.cpp?rev=289467&r1=289466&r2=289467&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerMerge.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerMerge.cpp Mon Dec 12 14:39:35 2016
@@ -175,6 +175,10 @@ void Fuzzer::CrashResistantMergeInternal
   std::ofstream OF(CFPath, std::ofstream::out | std::ofstream::app);
   for (size_t i = M.FirstNotProcessedFile; i < M.Files.size(); i++) {
     auto U = FileToVector(M.Files[i].Name);
+    if (U.size() > Options.MaxLen) {
+      U.resize(Options.MaxLen);
+      U.shrink_to_fit();
+    }
     std::ostringstream StartedLine;
     // Write the pre-run marker.
     OF << "STARTED " << std::dec << i << " " << U.size() << "\n";
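Review bot: The new truncation in the merge loop is bounded by `Options.MaxLen`, whereas `Fuzzer::Merge` in FuzzerLoop.cpp (same commit) bounds its reads with the `MaxInputLen` member and asserts it is non-zero. If `Options.MaxLen` can still be 0 at this point when `-max_len` is not passed (not visible in this hunk, so worth confirming), `U.size() > Options.MaxLen` holds for every non-empty file and each unit is resized to zero bytes, so the merge would silently record coverage for empty inputs. Comparing against the same limit, `if (U.size() > MaxInputLen) {`, or adding `Options.MaxLen > 0 &&` to the condition, avoids that. The enclosing function (`Fuzzer::CrashResistantMergeInternal…`, name cut off in the hunk header) starts and ends outside the hunk.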

Modified: llvm/trunk/lib/Fuzzer/test/merge.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/merge.test?rev=289467&r1=289466&r2=289467&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/merge.test (original)
+++ llvm/trunk/lib/Fuzzer/test/merge.test Mon Dec 12 14:39:35 2016
@@ -29,6 +29,8 @@ RUN: LLVMFuzzer-FullCoverageSetTest
 CHECK3: === Minimizing the initial corpus of 6 units
 CHECK3: === Merge: written 0 units
 
+# Check that we respect max_len during the merge and don't crash.
+RUN: LLVMFuzzer-FullCoverageSetTest         -merge=1 %tmp/T1 %tmp/T2 -max_len=4
 
 # Check that when merge fails we print an error message.
 RUN: echo 'Hi!' > %tmp/T1/HiI
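Review bot: The added RUN line is not piped to FileCheck, so it only fails when the binary exits non-zero; a regression where `-max_len=4` is ignored but nothing crashes would still pass. Consider sending the output through FileCheck with its own prefix and checking something that depends on the truncation actually happening. A second merge RUN without `-max_len` would also exercise the default-limit path through the same loop.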



