[libFuzzer] be more careful when calling strlen of strcmp parameters, PR32357 llvm-svn: 298746

commit: c58982d6fa279f041b37b5cc0432af9e1a9f9a83 [log] [tgz]
author: Kostya Serebryany <kcc@google.com> Fri Mar 24 22:19:52 2017 +0000
committer: Kostya Serebryany <kcc@google.com> Fri Mar 24 22:19:52 2017 +0000
tree: 868665cca2b48deff90933a6af4358c4e897681f
parent: 8fbb74b5b24183d7b2afbc36c690921d9690307e [diff] [blame]
diff --git a/llvm/lib/Fuzzer/test/BadStrcmpTest.cpp b/llvm/lib/Fuzzer/test/BadStrcmpTest.cpp
new file mode 100644
index 0000000..159cd7e
--- /dev/null
+++ b/llvm/lib/Fuzzer/test/BadStrcmpTest.cpp

@@ -0,0 +1,19 @@
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+
+// Test that we don't creash in case of bad strcmp params.
+#include <cstdint>
+#include <cstring>
+#include <cstddef>
+
+static volatile int Sink;
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  if (Size != 10) return 0;
+  // Data is not zero-terminated, so this call is bad.
+  // Still, there are cases when such calles appear, see e.g.
+  // https://bugs.llvm.org/show_bug.cgi?id=32357
+  Sink = strcmp(reinterpret_cast<const char*>(Data), "123456789");
+  return 0;
+}
+
commit	c58982d6fa279f041b37b5cc0432af9e1a9f9a83	[log] [tgz]
author	Kostya Serebryany <kcc@google.com>	Fri Mar 24 22:19:52 2017 +0000
committer	Kostya Serebryany <kcc@google.com>	Fri Mar 24 22:19:52 2017 +0000
tree	868665cca2b48deff90933a6af4358c4e897681f
parent	8fbb74b5b24183d7b2afbc36c690921d9690307e [diff] [blame]