[Xen-devel] [PATCH for-4.10] fuzz/x86_emulate: Fix afl-harness batch mode file pointer leak
Changeset XXXX introduced "batch mode" to afl-harness, which allowed the handling of several inputs in sequence. Unfortunately, it introduced a file pointer leak when the file was larger than the maximum size. Restructure the code to always close fp if we opened it. Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx> --- Release exception justification: - This is a bug fix. The problem is relatively minor, but the fix is relatively minor too. CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CC: Jan Beulich <jbeulich@xxxxxxxx> CC: Ian Jackson <ian.jackson@xxxxxxxxxx> CC: Wei Liu <wei.liu2@xxxxxxxxxx> CC: Julien Grall <julien.grall@xxxxxxx> --- tools/fuzz/x86_instruction_emulator/afl-harness.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c index d514468dd2..a2bae46d98 100644 --- a/tools/fuzz/x86_instruction_emulator/afl-harness.c +++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c @@ -99,13 +99,17 @@ int main(int argc, char **argv) exit(-1); } - if ( !feof(fp) ) + /* Only run the test if the input file was smaller than INPUT_SIZE */ + if ( feof(fp) ) + { + LLVMFuzzerTestOneInput(input, size); + } + else { printf("Input too large\n"); /* Don't exit if we're doing batch processing */ if ( max == 1 ) exit(-1); - continue; } if ( fp != stdin ) @@ -113,8 +117,6 @@ int main(int argc, char **argv) fclose(fp); fp = NULL; } - - LLVMFuzzerTestOneInput(input, size); } return 0; -- 2.14.2 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
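Review bot: in the first hunk (@@ -99,13 +99,17 @@), the new comment says the test runs only if the input "was smaller than INPUT_SIZE", but the condition `if ( feof(fp) )` only checks that the preceding read hit end-of-file. Whether an input of exactly the maximum size is accepted depends on how many bytes that read requests, which these lines do not show. Please word the comment in terms of what is actually checked, or state the boundary case explicitly. Separately, LLVMFuzzerTestOneInput(input, size) now runs while fp is still open, where before it ran after the fclose(fp) block. If that ordering matters, save the feof(fp) result in a local, close fp, then branch on the saved value.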
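Review bot: in the second hunk (@@ -113,8 +117,6 @@), the `if ( fp != stdin )` close block becomes the last statement of the loop body, so the fix holds only while every iteration falls through to it. A one-line comment above that block, saying no path above it may `continue`, would help keep a later change from reintroducing the leak that the removed `continue` caused.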