llvm-project/llvm/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp
DavidKorczynski 1287f5aaf7
[llvm-dwarfdump-fuzzer] fix out of bounds potential (#76408)
The fuzzer relies on MemoryBuffer to hold fuzz data, and MemoryBuffer
guarantees that "In addition to basic access to the characters in the
file, this interface guarantees you can read one character past the end
of the file, and that this character will read as '\0'."
[Ref](https://llvm.org/doxygen/classllvm_1_1MemoryBuffer.html#details).
The current fuzzing setup does not support this, which causes potential
false positives. This PR fixes it.

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65114

Signed-off-by: David Korczynski <david@adalogics.com>
2023-12-28 21:16:03 +01:00

41 lines
1.4 KiB
C++

//===-- llvm-dwarfdump-fuzzer.cpp - Fuzz the llvm-dwarfdump tool ----------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
///
/// \file
/// This file implements a function that runs llvm-dwarfdump
/// on a single input. This function is then linked into the Fuzzer library.
///
//===----------------------------------------------------------------------===//
#include "llvm/DebugInfo/DIContext.h"
#include "llvm/DebugInfo/DWARF/DWARFContext.h"
#include "llvm/Object/ObjectFile.h"
#include "llvm/Support/MemoryBuffer.h"
using namespace llvm;
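using namespace object;

extern "C" int LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
  // Copy the fuzz input into a std::string so the buffer handed to
  // MemoryBuffer is followed by a readable '\0', as MemoryBuffer guarantees
  // to its users. The raw libFuzzer buffer has no byte after data[size - 1].
  std::string Payload(reinterpret_cast<const char *>(data), size);
  std::unique_ptr<MemoryBuffer> Buff = MemoryBuffer::getMemBuffer(Payload);

  Expected<std::unique_ptr<ObjectFile>> ObjOrErr =
      ObjectFile::createObjectFile(Buff->getMemBufferRef());
  if (auto E = ObjOrErr.takeError()) {
    // Inputs that are not valid object files are expected; discard the error.
    consumeError(std::move(E));
    return 0;
  }
  ObjectFile &Obj = *ObjOrErr.get();
  std::unique_ptr<DIContext> DICtx = DWARFContext::create(Obj);

  // Dump every DWARF section to a null stream to exercise the parsers.
  DIDumpOptions opts;
  opts.DumpType = DIDT_All;
  DICtx->dump(nulls(), opts);
  return 0;
}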
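
The contract quoted in the commit message, as an added stand-alone example that is not part of the LLVM source. `countSlashPairs` is a hypothetical consumer that relies on the one-past-the-end '\0' guarantee, and `terminatedCopy` and `fuzzOne` are assumed helper names showing the same copy-into-std::string pattern the harness above uses.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Hypothetical consumer (not LLVM code): counts "//" pairs with one byte of
// lookahead. Like code written against MemoryBuffer, it assumes Begin[Size]
// is readable and '\0', so P[1] is never bounds-checked.
static size_t countSlashPairs(const char *Begin, size_t Size) {
  size_t Pairs = 0;
  for (const char *P = Begin, *End = Begin + Size; P != End; ++P)
    if (P[0] == '/' && P[1] == '/') { // P[1] may be Begin[Size]
      ++Pairs;
      ++P; // skip the second slash of the pair
    }
  return Pairs;
}

// Copy the fuzzer's exact-size buffer into storage that satisfies the
// contract: since C++11, std::string guarantees data()[size()] == '\0'.
// Embedded NUL bytes are preserved because the length is passed explicitly.
static std::string terminatedCopy(const uint8_t *Data, size_t Size) {
  if (Size == 0) // Data may be null for an empty input
    return std::string();
  return std::string(reinterpret_cast<const char *>(Data), Size);
}

// Harness body: hand the consumer the copy, never Data itself. Passing Data
// directly would let P[1] read Data[Size], which a sanitizer reports as an
// out-of-bounds read even though the consumer is correct under its contract.
static size_t fuzzOne(const uint8_t *Data, size_t Size) {
  const std::string Payload = terminatedCopy(Data, Size);
  return countSlashPairs(Payload.data(), Payload.size());
}

int main() {
  // Constructed sample: exact-size array whose last byte is '/', so the
  // lookahead at the final position reads one past the input.
  const uint8_t Sample[] = {'a', '/', '/', 'b', '\0', '/'};
  return fuzzOne(Sample, sizeof(Sample)) == 1 ? 0 : 1;
}
```

Building this with a sanitizer and calling `countSlashPairs` on `Sample` directly, instead of through `fuzzOne`, shows the kind of false positive the commit message describes.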