[libFuzzer] respect -max_len during merge

llvm-svn: 289467
author: Kostya Serebryany <kcc@google.com> 2016-12-12 20:39:35 +0000
committer: Kostya Serebryany <kcc@google.com> 2016-12-12 20:39:35 +0000
commit: d4be88913ed998522a6929bef134e0d16726ee15 (patch)
tree: c870ce5223252b9ae403e83d990f245921d2c686 /llvm/lib/Fuzzer
parent: a29bd6ffcc20eb889630df641c00768148e630d3 (diff)
download: bcm5719-llvm-d4be88913ed998522a6929bef134e0d16726ee15.tar.gz
bcm5719-llvm-d4be88913ed998522a6929bef134e0d16726ee15.zip
3 files changed, 8 insertions, 1 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp
index 3d904019faa..ff99f8afa80 100644
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@@ -638,7 +638,8 @@ void Fuzzer::Merge(const std::vector<std::string> &Corpora) {
 
   assert(MaxInputLen > 0);
   UnitVector Initial, Extra;
-  ReadDirToVectorOfUnits(Corpora[0].c_str(), &Initial, nullptr, MaxInputLen, true);
+  ReadDirToVectorOfUnits(Corpora[0].c_str(), &Initial, nullptr, MaxInputLen,
+                         true);
   for (auto &C : ExtraCorpora)
     ReadDirToVectorOfUnits(C.c_str(), &Extra, nullptr, MaxInputLen, true);
 
diff --git a/llvm/lib/Fuzzer/FuzzerMerge.cpp b/llvm/lib/Fuzzer/FuzzerMerge.cpp
index d3f1ab18525..21f15998330 100644
--- a/llvm/lib/Fuzzer/FuzzerMerge.cpp
+++ b/llvm/lib/Fuzzer/FuzzerMerge.cpp
@@ -175,6 +175,10 @@ void Fuzzer::CrashResistantMergeInternalStep(const std::string &CFPath) {
   std::ofstream OF(CFPath, std::ofstream::out | std::ofstream::app);
   for (size_t i = M.FirstNotProcessedFile; i < M.Files.size(); i++) {
     auto U = FileToVector(M.Files[i].Name);
+    if (U.size() > Options.MaxLen) {
+      U.resize(Options.MaxLen);
+      U.shrink_to_fit();
+    }
     std::ostringstream StartedLine;
     // Write the pre-run marker.
     OF << "STARTED " << std::dec << i << " " << U.size() << "\n";
diff --git a/llvm/lib/Fuzzer/test/merge.test b/llvm/lib/Fuzzer/test/merge.test
index 4e000f2342b..ac07b79b34d 100644
--- a/llvm/lib/Fuzzer/test/merge.test
+++ b/llvm/lib/Fuzzer/test/merge.test
@@ -29,6 +29,8 @@ RUN: LLVMFuzzer-FullCoverageSetTest         -merge=1 %tmp/T1 %tmp/T2 2>&1 | File
 CHECK3: === Minimizing the initial corpus of 6 units
 CHECK3: === Merge: written 0 units
 
+# Check that we respect max_len during the merge and don't crash.
+RUN: LLVMFuzzer-FullCoverageSetTest         -merge=1 %tmp/T1 %tmp/T2 -max_len=4
 
 # Check that when merge fails we print an error message.
 RUN: echo 'Hi!' > %tmp/T1/HiI
author	Kostya Serebryany <kcc@google.com>	2016-12-12 20:39:35 +0000
committer	Kostya Serebryany <kcc@google.com>	2016-12-12 20:39:35 +0000
commit	d4be88913ed998522a6929bef134e0d16726ee15 (patch)
tree	c870ce5223252b9ae403e83d990f245921d2c686 /llvm/lib/Fuzzer
parent	a29bd6ffcc20eb889630df641c00768148e630d3 (diff)
download	bcm5719-llvm-d4be88913ed998522a6929bef134e0d16726ee15.tar.gz bcm5719-llvm-d4be88913ed998522a6929bef134e0d16726ee15.zip