From c2df1d8a6d1cab95637a3b40d49a15e535135b33 Mon Sep 17 00:00:00 2001 From: "Wu, Yingcong" Date: Wed, 22 Mar 2023 21:49:19 -0700 Subject: [PATCH] [libfuzzer] add test of cov file-id in control file There is test for ft file-id in control file, but no test for cov line. Without the test, a invalid cov file-id would cause crash. Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D145672 --- compiler-rt/lib/fuzzer/FuzzerMerge.cpp | 8 ++++++-- compiler-rt/test/fuzzer/merge-control-file.test | 14 ++++++++++++++ 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/compiler-rt/lib/fuzzer/FuzzerMerge.cpp b/compiler-rt/lib/fuzzer/FuzzerMerge.cpp index 24bd119..8c8806e 100644 --- a/compiler-rt/lib/fuzzer/FuzzerMerge.cpp +++ b/compiler-rt/lib/fuzzer/FuzzerMerge.cpp @@ -77,6 +77,7 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) { size_t ExpectedStartMarker = 0; const size_t kInvalidStartMarker = -1; size_t LastSeenStartMarker = kInvalidStartMarker; + bool HaveFtMarker = true; std::vector TmpFeatures; std::set PCs; while (std::getline(IS, Line, '\n')) { @@ -93,12 +94,13 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) { LastSeenStartMarker = ExpectedStartMarker; assert(ExpectedStartMarker < Files.size()); ExpectedStartMarker++; + HaveFtMarker = false; } else if (Marker == "FT") { // FT FILE_ID COV1 COV2 COV3 ... size_t CurrentFileIdx = N; if (CurrentFileIdx != LastSeenStartMarker) return false; - LastSeenStartMarker = kInvalidStartMarker; + HaveFtMarker = true; if (ParseCoverage) { TmpFeatures.clear(); // use a vector from outer scope to avoid resizes. while (ISS1 >> N) @@ -108,6 +110,8 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) { } } else if (Marker == "COV") { size_t CurrentFileIdx = N; + if (CurrentFileIdx != LastSeenStartMarker) + return false; if (ParseCoverage) while (ISS1 >> N) if (PCs.insert(N).second) @@ -116,7 +120,7 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) { return false; } } - if (LastSeenStartMarker != kInvalidStartMarker) + if (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker) LastFailure = Files[LastSeenStartMarker].Name; FirstNotProcessedFile = ExpectedStartMarker; diff --git a/compiler-rt/test/fuzzer/merge-control-file.test b/compiler-rt/test/fuzzer/merge-control-file.test index ebd2cf5..c7d666e 100644 --- a/compiler-rt/test/fuzzer/merge-control-file.test +++ b/compiler-rt/test/fuzzer/merge-control-file.test @@ -50,3 +50,17 @@ RUN: echo STARTED 2 2 >> %t/MCF RUN: echo FT 2 13 >> %t/MCF RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=OK_3 OK_3: MERGE-OUTER: nothing to do, merge has been completed before + +# Test for invalid COV file_id +RUN: rm -f %t/T1/*; cp %t/T0/* %t/T1 +RUN: echo 3 > %t/MCF; echo 0 >> %t/MCF; echo %t/T1/1 >> %t/MCF; echo %t/T1/2 >> %t/MCF; echo %t/T1/3 >> %t/MCF +RUN: echo STARTED 0 1 >> %t/MCF +RUN: echo FT 0 11 >> %t/MCF +RUN: echo STARTED 1 2 >> %t/MCF +RUN: echo FT 1 12 >> %t/MCF +RUN: echo STARTED 2 2 >> %t/MCF +RUN: echo FT 2 13 >> %t/MCF +# Invalid file-id 21 here +RUN: echo COV 21 13 >> %t/MCF +RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=COV_INVALID +COV_INVALID: MERGE-OUTER: bad control file, will overwrite it -- 2.7.4