
Re: [Xen-devel] [PATCH v3 01/12] fuzz/x86_emulate: Clear errors after each iteration



On 10/10/17 17:47, George Dunlap wrote:
> On 10/10/2017 05:20 PM, George Dunlap wrote:
>> Once feof() returns true for a stream, it will continue to return true
>> for that stream until clearerr() is called (or the stream is closed
>> and re-opened).
>>
>> In llvm-clang-fast-mode, the same file descriptor is used for each
>> iteration of the loop, meaning that the "Input too large" check was
>> broken -- feof() would return true even if the fread() hadn't hit the
>> end of the file.  The result is that AFL generates testcases of
>> arbitrary size.
>>
>> Fix this by fseek'ing to the beginning of the file on every iteration;
>> this resets the EOF marker and other state.
>>
>> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
>> ---
>> Changes in v3:
>> - Fix the issue in the official sanctioned way
> Hmm, seems v2 of this patch was checked in; review had flagged up that
> "clearerr()" was too big of a hammer.
>
> Attached is a revised v1/12 patch that fixes this.
>
>  -George

Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
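A constructed C model of the sticky-EOF problem the commit message describes, added here and not the Xen harness's own code: two iterations of an "Input too large" check share one FILE*, once without and once with the fseek() reset, using a temporary file in place of the fuzzer's refilled input (the /tmp path and INPUT_SIZE are assumptions).

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define INPUT_SIZE 16  /* assumed harness buffer size, for illustration */
/* Read one testcase from the reused stream: 1 = fits, 0 = "Input too
 * large", -1 = error.  reset != 0 applies the v3 fix: seek to the start. */
static int read_testcase(FILE *fp, int reset, unsigned char *buf, size_t *len)
{
    if (reset && fseek(fp, 0, SEEK_SET) != 0)
        return -1;
    *len = fread(buf, 1, INPUT_SIZE, fp);
    if (ferror(fp))
        return -1;
    /* feof() stays true from an earlier iteration until clearerr() or
     * fseek(), so without the reset an oversized input passes this check. */
    return feof(fp) ? 1 : 0;
}

/* Replace the file's contents: stands in for the fuzzer refilling the
 * input between iterations of the persistent loop. */
static int write_testcase(const char *path, const char *data, size_t n)
{
    FILE *w = fopen(path, "wb");
    size_t k = w ? fwrite(data, 1, n, w) : 0;
    return (w && fclose(w) == 0 && k == n) ? 0 : -1;
}

/* Two iterations on one FILE*: a 5-byte input, then a 40-byte one.  Returns
 * the verdict for the oversized input: 1 = wrongly accepted, 0 = rejected. */
static int run_loop(int reset)
{
    char path[] = "/tmp/feof_demo_XXXXXX";  /* constructed temp path */
    unsigned char buf[INPUT_SIZE]; size_t len;
    char big[40];
    FILE *fp = NULL;
    int fd = mkstemp(path), verdict = -1;
    if (fd < 0) return -1;
    close(fd);
    memset(big, 'A', sizeof big);
    if (write_testcase(path, "short", 5) == 0 && (fp = fopen(path, "rb")) &&
        read_testcase(fp, reset, buf, &len) == 1 &&
        write_testcase(path, big, sizeof big) == 0)
        verdict = read_testcase(fp, reset, buf, &len);
    if (fp) fclose(fp);
    unlink(path);
    return verdict;
}
```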
