[Xen-changelog] [xen master] fuzz/x86_emulate: Fix afl-harness batch mode file pointer leak
commit d525519bedbcb3fb7b9cc297e352a35124681850 Author: George Dunlap <george.dunlap@xxxxxxxxxx> AuthorDate: Fri Oct 13 09:36:00 2017 +0100 Commit: George Dunlap <george.dunlap@xxxxxxxxxx> CommitDate: Fri Oct 27 14:44:05 2017 +0100 fuzz/x86_emulate: Fix afl-harness batch mode file pointer leak Changeset 2b1cde7783 introduced "batch mode" to afl-harness, which allowed the handling of several inputs in sequence. Unfortunately, it introduced a file pointer leak when the file was larger than the maximum size. Restructure the code to always close fp if we opened it. Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Release-acked-by: Julien Grall <julien.grall@xxxxxxxxxx> --- tools/fuzz/x86_instruction_emulator/afl-harness.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c index d514468..a2bae46 100644 --- a/tools/fuzz/x86_instruction_emulator/afl-harness.c +++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c @@ -99,13 +99,17 @@ int main(int argc, char **argv) exit(-1); } - if ( !feof(fp) ) + /* Only run the test if the input file was smaller than INPUT_SIZE */ + if ( feof(fp) ) + { + LLVMFuzzerTestOneInput(input, size); + } + else { printf("Input too large\n"); /* Don't exit if we're doing batch processing */ if ( max == 1 ) exit(-1); - continue; } if ( fp != stdin ) @@ -113,8 +117,6 @@ int main(int argc, char **argv) fclose(fp); fp = NULL; } - - LLVMFuzzerTestOneInput(input, size); } return 0; -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
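Review bot: in the else branch of the first hunk, the `max == 1` case still calls `exit(-1)` ahead of the `if ( fp != stdin )` block, so that path leaves without reaching `fclose(fp)`. Nothing leaks in practice because the process is terminating, but the commit message says fp is always closed if it was opened; either qualify that as applying to batch mode, or record the failure and exit after the close so the code matches the description.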
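Review bot: removing the call after the `fclose(fp)` block in the second hunk, together with its new position in the `feof(fp)` branch, means `LLVMFuzzerTestOneInput(input, size)` now runs while fp is still open, where it previously ran after the close. Consider storing the result of `feof(fp)` in a local, closing fp, and only then choosing between running the test and printing "Input too large"; that keeps the original ordering and still closes fp on the oversized-input path.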