[PATCH] D45693: [LibFuzzer] Tweak `MutationDispatcher::Mutate_CopyPart` mutation.
Dan Liew via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Apr 23 23:34:43 PDT 2018
This revision was automatically updated to reflect the committed changes.
Closed by commit rL330687: [LibFuzzer] Tweak `MutationDispatcher::Mutate_CopyPart` mutation. (authored by delcypher, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D45693?vs=143680&id=143681#toc
Repository:
rL LLVM
https://reviews.llvm.org/D45693
Files:
compiler-rt/trunk/lib/fuzzer/FuzzerMutate.cpp
compiler-rt/trunk/lib/fuzzer/tests/FuzzerUnittest.cpp
Index: compiler-rt/trunk/lib/fuzzer/FuzzerMutate.cpp
===================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerMutate.cpp
+++ compiler-rt/trunk/lib/fuzzer/FuzzerMutate.cpp
@@ -339,7 +339,9 @@
size_t MutationDispatcher::Mutate_CopyPart(uint8_t *Data, size_t Size,
size_t MaxSize) {
if (Size > MaxSize || Size == 0) return 0;
- if (Rand.RandBool())
+ // If Size == MaxSize, `InsertPartOf(...)` will
+ // fail so there's no point using it in this case.
+ if (Size == MaxSize || Rand.RandBool())
return CopyPartOf(Data, Size, Data, Size);
else
return InsertPartOf(Data, Size, Data, Size, MaxSize);
Index: compiler-rt/trunk/lib/fuzzer/tests/FuzzerUnittest.cpp
===================================================================
--- compiler-rt/trunk/lib/fuzzer/tests/FuzzerUnittest.cpp
+++ compiler-rt/trunk/lib/fuzzer/tests/FuzzerUnittest.cpp
@@ -381,6 +381,21 @@
TEST(FuzzerMutate, CopyPart2) {
TestCopyPart(&MutationDispatcher::Mutate, 1 << 13);
}
+TEST(FuzzerMutate, CopyPartNoInsertAtMaxSize) {
+ // This (non exhaustively) tests if `Mutate_CopyPart` tries to perform an
+ // insert on an input of size `MaxSize`. Performing an insert in this case
+ // will lead to the mutation failing.
+ std::unique_ptr<ExternalFunctions> t(new ExternalFunctions());
+ fuzzer::EF = t.get();
+ Random Rand(0);
+ std::unique_ptr<MutationDispatcher> MD(new MutationDispatcher(Rand, {}));
+ uint8_t Data[8] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x00, 0x11, 0x22};
+ size_t MaxSize = sizeof(Data);
+ for (int count = 0; count < (1 << 18); ++count) {
+ size_t NewSize = MD->Mutate_CopyPart(Data, MaxSize, MaxSize);
+ ASSERT_EQ(NewSize, MaxSize);
+ }
+}
void TestAddWordFromDictionary(Mutator M, int NumIter) {
std::unique_ptr<ExternalFunctions> t(new ExternalFunctions());
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D45693.143681.patch
Type: text/x-patch
Size: 1891 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180424/1695cb46/attachment.bin>
More information about the llvm-commits
mailing list