libFuzzer: prevent irrelevant strings from leaking into auto-dictionary
This is a fix for bug 37047.
https://bugs.llvm.org/show_bug.cgi?id=37047
Implemented by reversing the logic. Previously all strings were considered, with a few operations excluded. Now strings are excluded by default, and only strings observed while the user callback (CB) is running are considered.
Patch By: pdknsk
Differential Revision: https://reviews.llvm.org/D48800
llvm-svn: 337296
GitOrigin-RevId: 43a229697622b5933da1fdeb61d4eac2a2b7742c
diff --git a/FuzzerLoop.cpp b/FuzzerLoop.cpp
index ba61c15..a2d53ee 100644
--- a/FuzzerLoop.cpp
+++ b/FuzzerLoop.cpp
@@ -43,6 +43,8 @@
SharedMemoryRegion SMR;
+bool RunningUserCallback = false;
+
// Only one Fuzzer per process.
static Fuzzer *F;
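Review bot: `bool RunningUserCallback = false;` on the new side is a namespace-scope global with external linkage and no comment, yet the hunk shows neither an `extern` declaration nor the reader outside this file that the commit message implies (the auto-dictionary hooks); if that declaration lives in a shared header it belongs in this patch, and if nothing else reads it the variable should be `static` like `F` on the next line so it cannot be picked up by another TU by accident. The flag is written around the CB call and read from the alarm and exit paths, which run in signal/atexit context, so a plain `bool` is a formally racy access; `std::atomic<bool>` (or `volatile sig_atomic_t`) would be the conventional type for a flag consulted from a signal handler, though this matches how the old member was used. A one-line comment would help the next reader: `// True only while the user callback (CB) is executing; consulted by the exit/alarm handlers and, per the commit message, by the auto-dictionary hooks so strings seen outside the callback are ignored.`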
@@ -243,7 +245,7 @@
}
void Fuzzer::ExitCallback() {
- if (!RunningCB)
+ if (!RunningUserCallback)
return; // This exit did not come from the user callback
if (EF->__sanitizer_acquire_crash_state &&
!EF->__sanitizer_acquire_crash_state())
@@ -277,7 +279,7 @@
if (!InFuzzingThread())
return;
#endif
- if (!RunningCB)
+ if (!RunningUserCallback)
return; // We have not started running units yet.
size_t Seconds =
duration_cast<seconds>(system_clock::now() - UnitStartTime).count();
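Review bot: The context comment `// We have not started running units yet.` next to the renamed check is now misleading, because `RunningUserCallback` is also false between units and after the last one, so the early return fires in those cases too. I would reword it to `// Not inside the user callback (no unit running yet, or between units).` so the condition and comment say the same thing. This appears to be the alarm handler; its body continues past the hunk, so I cannot see what else depends on `UnitStartTime` being valid here.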
@@ -451,9 +453,9 @@
ScopedEnableMsanInterceptorChecks S;
UnitStartTime = system_clock::now();
TPC.ResetMaps();
- RunningCB = true;
+ RunningUserCallback = true;
CB(Data, Size);
- RunningCB = false;
+ RunningUserCallback = false;
UnitStopTime = system_clock::now();
};
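Review bot: The `RunningUserCallback = true; CB(Data, Size); RunningUserCallback = false;` bracket in this lambda is the same three lines repeated around `CB(DataCopy, Size)` in the next hunk, and nothing ties the two sites together, so a future call site (or an early return added between them) can leave the flag set without anyone noticing. A small RAII guard keeps every site identical and self-resetting; `exit()` and `abort()` do not run destructors, so the exit-handler check that relies on the flag still being true after a callback calls `exit()` should be unaffected, but that is worth confirming. The enclosing function starts outside the hunk.
```cpp
// RAII guard: marks the user callback as running for the lifetime of the
// object so every call site toggles RunningUserCallback the same way.
struct ScopedRunningUserCallback {
  ScopedRunningUserCallback() { RunningUserCallback = true; }
  ~ScopedRunningUserCallback() { RunningUserCallback = false; }
};

    // … unchanged: ScopedEnableMsanInterceptorChecks, UnitStartTime, ResetMaps …
    {
      ScopedRunningUserCallback R;
      CB(Data, Size);
    }
    UnitStopTime = system_clock::now();
```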
@@ -558,9 +560,9 @@
AllocTracer.Start(Options.TraceMalloc);
UnitStartTime = system_clock::now();
TPC.ResetMaps();
- RunningCB = true;
+ RunningUserCallback = true;
int Res = CB(DataCopy, Size);
- RunningCB = false;
+ RunningUserCallback = false;
UnitStopTime = system_clock::now();
(void)Res;
assert(Res == 0);