diff options
| author | Vitaly Buka <vitalybuka@google.com> | 2019-04-05 20:17:03 +0000 |
|---|---|---|
| committer | Vitaly Buka <vitalybuka@google.com> | 2019-04-05 20:17:03 +0000 |
| commit | 3db6ad2bcfc5fb38343cfd7ce6eb56d9415e2b1e (patch) | |
| tree | aeaace02175721f5f948547d00487df853312a3b /compiler-rt | |
| parent | 883ab235eea79198089319ccbd938ecf47f3c9dd (diff) | |
| download | bcm5719-llvm-3db6ad2bcfc5fb38343cfd7ce6eb56d9415e2b1e.tar.gz bcm5719-llvm-3db6ad2bcfc5fb38343cfd7ce6eb56d9415e2b1e.zip | |
Use binary write mode in WriteToFile function to avoid appended \r characters on Windows
Summary:
When using libfuzzer on Windows, in the contents of a crash sample, bytes that can be mistaken for a \n are replaced by a \r\n sequence. As a consequence, crashes are not reproducible. This patch will open files in binary mode to fix this issue. The patch does not affect POSIX systems.
Patch by tuktuk
Reviewers: kcc, vitalybuka
Reviewed By: vitalybuka
Subscribers: dexonsmith, jdoerfert, llvm-commits, #sanitizers
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D60008
llvm-svn: 357807
Diffstat (limited to 'compiler-rt')
| -rw-r--r-- | compiler-rt/lib/fuzzer/FuzzerIO.cpp | 2 | ||||
| -rw-r--r-- | compiler-rt/test/fuzzer/ReloadTest.cpp | 24 | ||||
| -rw-r--r-- | compiler-rt/test/fuzzer/reload.test | 13 |
3 files changed, 38 insertions, 1 deletions
diff --git a/compiler-rt/lib/fuzzer/FuzzerIO.cpp b/compiler-rt/lib/fuzzer/FuzzerIO.cpp index 290112aa4b1..423ab4befba 100644 --- a/compiler-rt/lib/fuzzer/FuzzerIO.cpp +++ b/compiler-rt/lib/fuzzer/FuzzerIO.cpp @@ -62,7 +62,7 @@ void CopyFileToErr(const std::string &Path) { void WriteToFile(const Unit &U, const std::string &Path) { // Use raw C interface because this function may be called from a sig handler. - FILE *Out = fopen(Path.c_str(), "w"); + FILE *Out = fopen(Path.c_str(), "wb"); if (!Out) return; fwrite(U.data(), sizeof(U[0]), U.size(), Out); fclose(Out); diff --git a/compiler-rt/test/fuzzer/ReloadTest.cpp b/compiler-rt/test/fuzzer/ReloadTest.cpp new file mode 100644 index 00000000000..fb1fef97a30 --- /dev/null +++ b/compiler-rt/test/fuzzer/ReloadTest.cpp @@ -0,0 +1,24 @@ +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception + +// Test that fuzzer we can reload artifacts with any bytes inside. +#include <algorithm> +#include <cstdint> +#include <numeric> +#include <set> +#include <stdio.h> + +extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *Data, size_t Size, + size_t MaxSize, unsigned int Seed) { + std::srand(Seed); + std::generate(Data, Data + MaxSize, std::rand); + return MaxSize; +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + if (Size > 5000 && std::set<uint8_t>(Data, Data + Size).size() > 255 && + (uint8_t)std::accumulate(Data, Data + Size, uint8_t(Size)) == 0) + __builtin_trap(); + return 0; +} diff --git a/compiler-rt/test/fuzzer/reload.test b/compiler-rt/test/fuzzer/reload.test new file mode 100644 index 00000000000..62321cec3b0 --- /dev/null +++ b/compiler-rt/test/fuzzer/reload.test @@ -0,0 +1,13 @@ +RUN: %cpp_compiler %S/ReloadTest.cpp -o %t-ReloadTest +RUN: not %run %t-ReloadTest -max_len=10000 -seed=1 -timeout=15 -len_control=0 -exact_artifact_path=%t.crash 2>&1 | FileCheck %s + +CHECK: Test unit written to {{.*}}reload.test.tmp.crash + +RUN: not %run %t-ReloadTest %t.crash 2>&1 | FileCheck %s --check-prefix=ARTIFACT + +ARTIFACT: Running: {{.*}}reload.test.tmp.crash +ARTIFACT: ERROR: libFuzzer: deadly signal + +# Sanity check that altered artifact is not going to crash +RUN: echo z >> %t.crash +RUN: %run %t-ReloadTest %t.crash |
