[compiler-rt] 16d9f44 - [libFuzzer] Fix fd check in DupAndCloseStderr.
Marco Vanotti via llvm-commits
llvm-commits at lists.llvm.org
Thu Nov 21 15:25:25 PST 2019
Author: Marco Vanotti
Date: 2019-11-21T15:25:10-08:00
New Revision: 16d9f44fd154b409b1c7f0876ba7c767b60cb3da
URL: https://github.com/llvm/llvm-project/commit/16d9f44fd154b409b1c7f0876ba7c767b60cb3da
DIFF: https://github.com/llvm/llvm-project/commit/16d9f44fd154b409b1c7f0876ba7c767b60cb3da.diff
LOG: [libFuzzer] Fix fd check in DupAndCloseStderr.
Summary:
This commit fixes the check in the return value from the `DuplicateFile`
function, which returns a new file descriptor. `DuplicateFile` can
return 0 if that file descriptor is available (for example, if stdin has
already been closed).
In particular, this could cause a bug with the `-close_fd_mask` flag on
some platforms: just call the fuzzer with stdin closed and the
`-close_fd_mask=2` flag, and stderr will not be muted.
Example fuzzer:
```
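#include <cstddef>
#include <cstdint>
#include <cstdio>

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size) {
  fprintf(stderr, "STDERR\n");  // fd 2: expected to be muted by -close_fd_mask=2 or 3
  fprintf(stdout, "STDOUT\n");  // fd 1: expected to be muted by -close_fd_mask=1 or 3
  return 0;
}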
```
Invocation (muting both stderr and stdout):
```
./test -close_fd_mask=3 -runs=1 0<&-
INFO: Seed: 1155116940
INFO: Loaded 1 modules (1 inline 8-bit counters): 1 [0x48b020, 0x48b021),
INFO: Loaded 1 PC tables (1 PCs): 1 [0x478dc8,0x478dd8),
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
STDERR
INFO: A corpus is not provided, starting from an empty corpus
STDERR
Done 2 runs in 0 second(s)
```
Reviewers: mcgrathr, jakehehrlich, phosek, kcc, aarongreen
Subscribers: #sanitizers, llvm-commits
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D68775
Added:
Modified:
compiler-rt/lib/fuzzer/FuzzerIO.cpp
Removed:
################################################################################
diff --git a/compiler-rt/lib/fuzzer/FuzzerIO.cpp b/compiler-rt/lib/fuzzer/FuzzerIO.cpp
index 7e5ba30a2e7d..f0708164be87 100644
--- a/compiler-rt/lib/fuzzer/FuzzerIO.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerIO.cpp
@@ -111,7 +111,7 @@ std::string DirPlusFile(const std::string &DirPath,
void DupAndCloseStderr() {
int OutputFd = DuplicateFile(2);
- if (OutputFd > 0) {
+ if (OutputFd >= 0) {
FILE *NewOutputFile = OpenFile(OutputFd, "w");
if (NewOutputFile) {
OutputFile = NewOutputFile;
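Review bot: the corrected comparison at `if (OutputFd >= 0) {` lands without a regression test, since the only modified file is FuzzerIO.cpp. The reproduction in the log message (`-close_fd_mask=3 -runs=1 0<&-`, then checking that `STDERR` is absent from the output) could be turned into a test so the boundary stays covered. A one-line comment above the check saying that 0 is a valid descriptor when stdin is closed would also help keep the comparison from being changed back to `> 0` later.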
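The failure mode described in the log message, as an added C example that is not part of the commit or of libFuzzer: with fd 0 closed, duplicating stderr yields descriptor 0, which a `> 0` test rejects and a `>= 0` test accepts. The function names are hypothetical, and plain `dup` is assumed as a stand-in for `DuplicateFile`, whose body is not shown on this page.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* The two acceptance checks from the hunk, applied to a dup() result. */
int accepted_before_fix(int fd) { return fd > 0; }
int accepted_after_fix(int fd)  { return fd >= 0; }

/*
 * Close fd 0, duplicate stderr, and return the descriptor number dup() chose.
 * stdin is parked on a high descriptor first and restored afterwards so the
 * calling process keeps its stdin.
 */
int dup_stderr_with_stdin_closed(void) {
    int saved_stdin = fcntl(0, F_DUPFD, 10); /* -1 if stdin was already closed */
    close(0);                                /* same effect as `0<&-` in the shell */
    int fd = dup(2);                         /* POSIX: lowest unused descriptor */
    if (fd >= 0)
        close(fd);
    if (saved_stdin >= 0) {
        dup2(saved_stdin, 0);                /* put stdin back on fd 0 */
        close(saved_stdin);
    }
    return fd;
}

/* Same duplication without touching stdin, for comparison. */
int dup_stderr_with_stdin_open(void) {
    int fd = dup(2);
    if (fd >= 0)
        close(fd);
    return fd;
}

int main(void) {
    int closed_case = dup_stderr_with_stdin_closed();
    int open_case = dup_stderr_with_stdin_open();
    printf("stdin closed: dup(2) = %d, old check %s, new check %s\n", closed_case,
           accepted_before_fix(closed_case) ? "accepts" : "rejects",
           accepted_after_fix(closed_case) ? "accepts" : "rejects");
    printf("stdin open:   dup(2) = %d, old check %s, new check %s\n", open_case,
           accepted_before_fix(open_case) ? "accepts" : "rejects",
           accepted_after_fix(open_case) ? "accepts" : "rejects");
    return 0;
}
```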