[PATCH] D29602: [libFuzzer] Fix Load test.
Marcos Pividori via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Feb 6 13:25:23 PST 2017
mpividori created this revision.
We should ensure the size of the variable `a` is 8 bytes. Otherwise, this generates a stack buffer overflow inside the `memcpy` call on 32-bit machines. (We write more bytes than the size of `a`, when it is 4 bytes.)
https://reviews.llvm.org/D29602
Files:
lib/Fuzzer/test/LoadTest.cpp
Index: lib/Fuzzer/test/LoadTest.cpp
===================================================================
--- lib/Fuzzer/test/LoadTest.cpp
+++ lib/Fuzzer/test/LoadTest.cpp
@@ -14,7 +14,7 @@
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
if (Size < 8) return 0;
- size_t a = 0;
+ uint64_t a = 0;
memcpy(&a, Data, 8);
Sink = array[a % (kArraySize + 1)];
return 0;
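Review bot: the copy length on the `memcpy(&a, Data, 8);` line is still a literal 8 that is only correct because `a` is now declared `uint64_t` one line above, so the destination size and the byte count remain coupled by convention rather than by the code. Writing the call as `memcpy(&a, Data, sizeof(a));` and the guard as `if (Size < sizeof(a)) return 0;` would keep the read bound on `Data` and the write bound on `a` tied to the declared type, so a later change to the type of `a` cannot reintroduce the stack overflow this patch removes. If the literal is kept, a `static_assert(sizeof(a) == 8, "")` next to the declaration would document the requirement and fail the build on a mismatch.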
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D29602.87292.patch
Type: text/x-patch
Size: 404 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170206/cff7e24e/attachment.bin>