[Xen-changelog] [xen master] fuzz/x86_emulate: clear errors after each iteration
commit 849a1f10c937ce0782db95b85da391a49317c49e
Author: George Dunlap <george.dunlap@xxxxxxxxxx>
AuthorDate: Mon Oct 9 16:04:11 2017 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Oct 9 16:04:11 2017 +0200
fuzz/x86_emulate: clear errors after each iteration
Once feof() returns true for a stream, it will continue to return true
for that stream until clearerr() is called (or the stream is closed
and re-opened).
In llvm-clang-fast-mode, the same file descriptor is used for each
iteration of the loop, meaning that the "Input too large" check was
broken -- feof() would return true even if the fread() hadn't hit the
end of the file. The result is that AFL generates testcases of
arbitrary size.
Fix this by clearing the error after each iteration.
Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
tools/fuzz/x86_instruction_emulator/afl-harness.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c
b/tools/fuzz/x86_instruction_emulator/afl-harness.c
index 1548693..b4d1545 100644
--- a/tools/fuzz/x86_instruction_emulator/afl-harness.c
+++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c
@@ -97,6 +97,8 @@ int main(int argc, char **argv)
fclose(fp);
fp = NULL;
}
+ else
+ clearerr(fp);
LLVMFuzzerTestOneInput(input, size);
}
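Review bot: clearerr(fp) in the new else branch resets the stream's error indicator together with its EOF indicator, so any ferror(fp) state left behind by this iteration's fread() is discarded before the next iteration runs; make sure ferror(fp) is tested before this point (the hunk does not show where the read-error check sits), otherwise a persistent read error on the reused stream is masked instead of reported. A short comment above the call, e.g. `/* EOF is sticky on a reused stream; reset it so the size check works next time */`, would also help, since the bare `else clearerr(fp);` does not tell the next reader why the indicator has to be cleared here.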
--
generated by git-patchbot for /home/xen/git/xen.git#master
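The commit message describes a property of stdio that is easy to miss: once the EOF indicator is set on a FILE*, feof() keeps returning true until clearerr(), fseek() or rewind() resets it, even if the file behind the descriptor has since been rewritten. The following program is an added example, not Xen's afl-harness.c and not part of the patch above. It reads a stream repeatedly the way a persistent-mode harness reads its stdin, rewrites the file through the raw descriptor between iterations (modelled on afl-fuzz's lseek/write/ftruncate/lseek sequence; the write_testcase() helper and the INPUT_SIZE limit of 64 bytes are assumptions for the demo, and tmpfile() stands in for stdin), and shows that the "Input too large" check silently accepts an oversized second test case unless clearerr() runs at the end of each iteration.

```c
/*
 * Added example: reproduce the sticky-feof() failure described in the
 * commit message.  Not Xen code; INPUT_SIZE, write_testcase() and the use
 * of tmpfile() in place of stdin are assumptions made for this demo.
 */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

#define INPUT_SIZE 64           /* hypothetical harness input limit */

enum verdict { ACCEPTED, TOO_LARGE, READ_ERROR };

/*
 * Rewrite the file behind fd in place through the descriptor, the way a
 * fuzzer driving a persistent-mode target does (assumed sequence: seek to
 * 0, write the new case, truncate to its length, seek back to 0).  The
 * FILE* layered on the same descriptor never sees an fseek()/rewind(),
 * so its EOF indicator is untouched by this.
 */
static int write_testcase(int fd, const unsigned char *data, size_t len)
{
    if (lseek(fd, 0, SEEK_SET) < 0)            return -1;
    if (write(fd, data, len) != (ssize_t)len)  return -1;
    if (ftruncate(fd, (off_t)len) < 0)         return -1;
    if (lseek(fd, 0, SEEK_SET) < 0)            return -1;
    return 0;
}

/*
 * One harness iteration: read at most INPUT_SIZE bytes and reject the case
 * if the stream is not at EOF afterwards (i.e. more input remained).  With
 * clear_after set, the EOF/error indicators are reset at the end, which is
 * what the patch adds.
 */
static enum verdict harness_iteration(FILE *fp, unsigned char *input,
                                      size_t *size, int clear_after)
{
    enum verdict v;

    *size = fread(input, 1, INPUT_SIZE, fp);
    if (ferror(fp))
        v = READ_ERROR;
    else if (!feof(fp))
        v = TOO_LARGE;          /* the "Input too large" check */
    else
        v = ACCEPTED;

    if (clear_after)
        clearerr(fp);           /* without this, feof() stays true forever */
    return v;
}

/*
 * Run two iterations over one reused stream: a 16-byte case (constructed,
 * fits), then a case of INPUT_SIZE + 32 bytes (constructed, too large).
 * Stores both verdicts in out[]; returns 0 on success, -1 on setup failure.
 */
int run_harness(int clear_after, enum verdict out[2])
{
    unsigned char small[16], big[INPUT_SIZE + 32], input[INPUT_SIZE];
    size_t size;
    FILE *fp = tmpfile();       /* stands in for the harness's stdin */

    if (fp == NULL)
        return -1;
    memset(small, 'A', sizeof small);
    memset(big, 'B', sizeof big);

    if (write_testcase(fileno(fp), small, sizeof small) < 0)
        goto fail;
    out[0] = harness_iteration(fp, input, &size, clear_after);  /* sets EOF */

    if (write_testcase(fileno(fp), big, sizeof big) < 0)
        goto fail;
    out[1] = harness_iteration(fp, input, &size, clear_after);

    fclose(fp);
    return 0;
fail:
    fclose(fp);
    return -1;
}

int main(void)
{
    static const char *names[] = { "ACCEPTED", "TOO_LARGE", "READ_ERROR" };
    enum verdict v[2];

    if (run_harness(0, v) == 0)
        printf("without clearerr: %s, %s\n", names[v[0]], names[v[1]]);
    if (run_harness(1, v) == 0)
        printf("with clearerr:    %s, %s\n", names[v[0]], names[v[1]]);
    return 0;
}
```

Without clearerr() the second iteration reports ACCEPTED for a 96-byte case, which is exactly the "testcases of arbitrary size" symptom: depending on the C library the stale EOF indicator either suppresses the read entirely or lets fread() fill the buffer while feof() still answers true, and either way the size check never fires. With clearerr() at the end of each iteration the second case is correctly rejected as TOO_LARGE.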
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog