
Re: [Xen-devel] [PATCH 2/4] tools/fuzz: add AFL stub program for x86 insn emulator fuzzer



On Tue, Jan 24, 2017 at 03:09:35AM -0700, Jan Beulich wrote:
> >>> On 20.01.17 at 13:11, <wei.liu2@xxxxxxxxxx> wrote:
> > @@ -33,7 +35,10 @@ distclean: clean
> >  
> >  .PHONY: clean
> >  clean:
> > -   rm -f *.a *.o
> > +   rm -f *.a *.o afl-x86-insn-emulator-fuzzer
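Review bot: The binary name afl-x86-insn-emulator-fuzzer is hard-coded in the rm -f line of the clean rule, so it has to be kept in sync by hand with the rule that produces it. Keeping the output name in one make variable used by both the build rule and clean, or matching it with a pattern if more harness binaries are expected, avoids a stale fuzzer binary surviving make clean.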
> 
> Perhaps *-x86-insn-emulator-fuzzer right away?
> 

OK.

> > --- /dev/null
> > +++ b/tools/fuzz/x86_instruction_emulator/afl-x86-insn-emulator-fuzzer.c
> > @@ -0,0 +1,42 @@
> > +#include <assert.h>
> > +#include <fcntl.h>
> > +#include <stdint.h>
> > +#include <stdio.h>
> > +#include <stdlib.h>
> > +#include <sys/stat.h>
> > +#include <sys/types.h>
> > +#include <unistd.h>
> > +
> > +extern int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size);
> > +
> > +static uint8_t input[4096];
> > +
> > +int main(int argc, char **argv)
> > +{
> > +    size_t size;
> > +    int fd;
> > +
> > +    if ( argc != 2 )
> > +    {
> > +        printf("Expecting only one argument\n");
> > +        exit(1);
> > +    }
> > +
> > +    fd = open(argv[1], O_RDONLY, 0);
> > +    assert(fd != -1);
> > +    size = read(fd, input, sizeof(input));
> > +    close(fd);
> > +
> > +    LLVMFuzzerTestOneInput(input, size);
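Review bot: The result of read() is stored in a size_t at "size = read(fd, input, sizeof(input));", so a failed read (-1) wraps to SIZE_MAX and is passed to LLVMFuzzerTestOneInput() as the length of the 4096-byte input buffer. Declare size as ssize_t and bail out on a negative value before the call. Separately, assert(fd != -1) is the only check on open() and is compiled out under NDEBUG; an explicit test that reports the error and exits non-zero, in the style of the argc check, would keep the harness from running on an invalid descriptor. Files longer than sizeof(input) are silently truncated, which deserves at least a comment.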
> 
> Please handle the case of read() failing (at least in the same way as
> you do for open()). With that

OK. I change size to be ssize_t and then assert(size != -1) after
read().

> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
> 

Thanks for reviewing.

> Jan
> 
