diff options
| author | Kostya Serebryany <kcc@google.com> | 2016-03-12 01:57:04 +0000 |
|---|---|---|
| committer | Kostya Serebryany <kcc@google.com> | 2016-03-12 01:57:04 +0000 |
| commit | 64d24578d8e199a5f0de8849179ab58807747afb (patch) | |
| tree | e3441a9956b880c6019e4f2d9ee76a7db176105a /llvm/lib/Fuzzer/FuzzerTraceState.cpp | |
| parent | a0d9990c59f4e4f6637d72ff8d69f01f7d47b73b (diff) | |
| download | bcm5719-llvm-64d24578d8e199a5f0de8849179ab58807747afb.tar.gz bcm5719-llvm-64d24578d8e199a5f0de8849179ab58807747afb.zip | |
[libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes.
llvm-svn: 263323
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerTraceState.cpp')
| -rw-r--r-- | llvm/lib/Fuzzer/FuzzerTraceState.cpp | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerTraceState.cpp b/llvm/lib/Fuzzer/FuzzerTraceState.cpp index dc4f18c353a..8123407e98c 100644 --- a/llvm/lib/Fuzzer/FuzzerTraceState.cpp +++ b/llvm/lib/Fuzzer/FuzzerTraceState.cpp @@ -253,6 +253,17 @@ class TraceState { AddMutation(Pos, Size, reinterpret_cast<uint8_t*>(&Data)); } + void EnsureDfsanLabels(size_t Size) { + for (; LastDfsanLabel < Size; LastDfsanLabel++) { + dfsan_label L = dfsan_create_label("input", (void *)(LastDfsanLabel + 1)); + // We assume that no one else has called dfsan_create_label before. + if (L != LastDfsanLabel + 1) { + Printf("DFSan labels are not starting from 1, exiting\n"); + exit(1); + } + } + } + private: bool IsTwoByteData(uint64_t Data) { int64_t Signed = static_cast<int64_t>(Data); @@ -279,6 +290,7 @@ class TraceState { size_t NumMutations; TraceBasedMutation Mutations[kMaxMutations]; LabelRange LabelRanges[1 << (sizeof(dfsan_label) * 8)]; + size_t LastDfsanLabel = 0; MutationDispatcher &MD; const Fuzzer::FuzzingOptions &Options; uint8_t **CurrentUnitData; @@ -480,6 +492,7 @@ void Fuzzer::StopTraceRecording() { void Fuzzer::AssignTaintLabels(uint8_t *Data, size_t Size) { if (!Options.UseTraces && !Options.UseMemcmp) return; if (!ReallyHaveDFSan()) return; + TS->EnsureDfsanLabels(Size); for (size_t i = 0; i < Size; i++) dfsan_set_label(i + 1, &Data[i], 1); } @@ -487,16 +500,6 @@ void Fuzzer::AssignTaintLabels(uint8_t *Data, size_t Size) { void Fuzzer::InitializeTraceState() { if (!Options.UseTraces && !Options.UseMemcmp) return; TS = new TraceState(MD, Options, &CurrentUnitData, &CurrentUnitSize); - if (ReallyHaveDFSan()) { - for (size_t i = 0; i < static_cast<size_t>(Options.MaxLen); i++) { - dfsan_label L = dfsan_create_label("input", (void *)(i + 1)); - // We assume that no one else has called dfsan_create_label before. - if (L != i + 1) { - Printf("DFSan labels are not starting from 1, exiting\n"); - exit(1); - } - } - } } static size_t InternalStrnlen(const char *S, size_t MaxLen) { |
