Xen project Mailing List

[Xen-devel] [PATCH 7/8] tools/insn-fuzz: Make use of LLVMFuzzerInitialize()

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Mon, 20 Mar 2017 11:19:44 +0000

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>

Delivery-date: Mon, 20 Mar 2017 11:20:09 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

libfuzz can perform one-time initialisation by calling LLVMFuzzerInitialize(). Move emul_test_init() into this, to avoid repeating it on every LLVMFuzzerTestOneInput() call. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- CC: Jan Beulich <JBeulich@xxxxxxxx> CC: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> CC: Wei Liu <wei.liu2@xxxxxxxxxx> --- tools/fuzz/x86_instruction_emulator/afl-harness.c | 4 ++++ tools/fuzz/x86_instruction_emulator/fuzz-emul.c | 19 +++++++++++-------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c index 89d8605..63aff59 100644 --- a/tools/fuzz/x86_instruction_emulator/afl-harness.c +++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c @@ -5,6 +5,7 @@ #include <string.h> #include <getopt.h> +extern int LLVMFuzzerInitialize(int *argc, char ***argv); extern int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size); extern unsigned int fuzz_minimal_input_size(void); @@ -57,6 +58,9 @@ int main(int argc, char **argv) else if ( optind != (argc - 1) ) goto usage; + if ( LLVMFuzzerInitialize(&argc, &argv) ) + exit(-1); + if ( fp != stdin ) /* If not using stdin, open the provided file. */ { fp = fopen(argv[optind], "rb"); diff --git a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c index 4b1e324..3b3041d 100644 --- a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c +++ b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c @@ -646,9 +646,19 @@ static void sanitize_input(struct x86_emulate_ctxt *ctxt) } } +int LLVMFuzzerInitialize(int *argc, char ***argv) +{ + if ( !emul_test_init() ) + { + printf("Warning: Stack could not be made executable (%d).\n", errno); + return 1; + } + + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size) { - bool stack_exec; struct cpu_user_regs regs = {}; struct x86_emulate_ctxt ctxt = { .regs = &regs, @@ -657,13 +667,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size) }; int rc; - stack_exec = emul_test_init(); - if ( !stack_exec ) - { - printf("Warning: Stack could not be made executable (%d).\n", errno); - return 1; - } - /* Reset all global state variables */ memset(&input, 0, sizeof(input)); data_index = 0; -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.