forked from OSchip/llvm-project
[libFuzzer] add a test for asan's strict_string_checks=1
llvm-svn: 284902
This commit is contained in:
parent
110e2e52b7
commit
2bfff021ad
|
@ -100,6 +100,7 @@ set(Tests
|
|||
ShrinkControlFlowTest
|
||||
ShrinkValueProfileTest
|
||||
StrcmpTest
|
||||
StrncmpOOBTest
|
||||
StrncmpTest
|
||||
StrstrTest
|
||||
SwapCmpTest
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
// This file is distributed under the University of Illinois Open Source
|
||||
// License. See LICENSE.TXT for details.
|
||||
|
||||
// Test that libFuzzer itself does not read out of bounds.
|
||||
#include <assert.h>
|
||||
#include <cstdint>
|
||||
#include <cstring>
|
||||
#include <cstdlib>
|
||||
#include <cstddef>
|
||||
#include <iostream>
|
||||
|
||||
static volatile int Sink;
|
||||
|
||||
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
|
||||
if (Size < 5) return 0;
|
||||
const char *Ch = reinterpret_cast<const char *>(Data);
|
||||
if (Ch[Size - 3] == 'a')
|
||||
Sink = strncmp(Ch + Size - 3, "abcdefg", 6);
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -57,3 +57,7 @@ RUN: LLVMFuzzer-SimpleTest-TracePC -exit_on_src_pos=SimpleTest.cpp:17
|
|||
RUN: LLVMFuzzer-ShrinkControlFlowTest-TracePC -exit_on_src_pos=ShrinkControlFlowTest.cpp:23 2>&1 | FileCheck %s --check-prefix=EXIT_ON_SRC_POS
|
||||
EXIT_ON_SRC_POS: INFO: found line matching '{{.*}}', exiting.
|
||||
|
||||
RUN: ASAN_OPTIONS=strict_string_checks=1 not LLVMFuzzer-StrncmpOOBTest -seed=1 -runs=1000000 2>&1 | FileCheck %s --check-prefix=STRNCMP
|
||||
STRNCMP: AddressSanitizer: heap-buffer-overflow
|
||||
STRNCMP-NOT: __sanitizer_weak_hook_strncmp
|
||||
STRNCMP: in LLVMFuzzerTestOneInput
|
||||
|
|
Loading…
Reference in New Issue