Libfuzzer: do not pass null into user function

Differential Revision: http://reviews.llvm.org/D15098

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254558 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp
index 7aea169b7ae992905a1828614ad5894dde421431..9c52a4dbe774e0cb9a63668e07c2bf747a10eff0 100644 (file)
--- a/lib/Fuzzer/FuzzerLoop.cpp
+++ b/lib/Fuzzer/FuzzerLoop.cpp
@@ -238,7 +238,11 @@ void Fuzzer::RunOneAndUpdateCorpus(Unit &U) {
 }
 
 void Fuzzer::ExecuteCallback(const Unit &U) {
 }
 
 void Fuzzer::ExecuteCallback(const Unit &U) {

-  int Res = USF.TargetFunction(U.data(), U.size());
+  const uint8_t *Data = U.data();
+  uint8_t EmptyData;
+  if (!Data) 
+    Data = &EmptyData;
+  int Res = USF.TargetFunction(Data, U.size());

   (void)Res;
   assert(Res == 0);
 }
   (void)Res;
   assert(Res == 0);
 }

diff --git a/lib/Fuzzer/test/SimpleTest.cpp b/lib/Fuzzer/test/SimpleTest.cpp
index 6811d115d9604d3acfacd6d5a9158d790ce0c995..04225a889f5d5ba26902e8bccb8493ba098955c4 100644 (file)
--- a/lib/Fuzzer/test/SimpleTest.cpp
+++ b/lib/Fuzzer/test/SimpleTest.cpp
@@ -1,4 +1,5 @@
 // Simple test for a fuzzer. The fuzzer must find the string "Hi!".
 // Simple test for a fuzzer. The fuzzer must find the string "Hi!".

+#include <assert.h>

 #include <cstdint>
 #include <cstdlib>
 #include <cstddef>
 #include <cstdint>
 #include <cstdlib>
 #include <cstddef>


@@ -7,6 +8,7 @@
 static volatile int Sink;
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 static volatile int Sink;
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {

+  assert(Data);

   if (Size > 0 && Data[0] == 'H') {
     Sink = 1;
     if (Size > 1 && Data[1] == 'i') {
   if (Size > 0 && Data[0] == 'H') {
     Sink = 1;
     if (Size > 1 && Data[1] == 'i') {