[libFuzzer] Make MutateWithMask work when the Mask is shorter than the input.
Summary: Before this change, MutateWithMask used to assert that Mask should be of sufficient length (>= Size of the input). However, in real cases we may have inputs that are longer than the Mask they have inherited from the based inputs. Reviewers: kcc, morehouse Reviewed By: kcc Subscribers: delcypher, #sanitizers, llvm-commits Tags: #llvm, #sanitizers Differential Revision: https://reviews.llvm.org/D60571 llvm-svn: 358207
This commit is contained in:
parent
3e58f94ced
commit
bcb93a35c0
|
@ -529,7 +529,7 @@ size_t MutationDispatcher::MutateImpl(uint8_t *Data, size_t Size,
|
||||||
size_t MutationDispatcher::MutateWithMask(uint8_t *Data, size_t Size,
|
size_t MutationDispatcher::MutateWithMask(uint8_t *Data, size_t Size,
|
||||||
size_t MaxSize,
|
size_t MaxSize,
|
||||||
const Vector<uint8_t> &Mask) {
|
const Vector<uint8_t> &Mask) {
|
||||||
assert(Size <= Mask.size());
|
size_t MaskedSize = std::min(Size, Mask.size());
|
||||||
// * Copy the worthy bytes into a temporary array T
|
// * Copy the worthy bytes into a temporary array T
|
||||||
// * Mutate T
|
// * Mutate T
|
||||||
// * Copy T back.
|
// * Copy T back.
|
||||||
|
@ -538,7 +538,7 @@ size_t MutationDispatcher::MutateWithMask(uint8_t *Data, size_t Size,
|
||||||
if (T.size() < Size)
|
if (T.size() < Size)
|
||||||
T.resize(Size);
|
T.resize(Size);
|
||||||
size_t OneBits = 0;
|
size_t OneBits = 0;
|
||||||
for (size_t I = 0; I < Size; I++)
|
for (size_t I = 0; I < MaskedSize; I++)
|
||||||
if (Mask[I])
|
if (Mask[I])
|
||||||
T[OneBits++] = Data[I];
|
T[OneBits++] = Data[I];
|
||||||
|
|
||||||
|
@ -548,7 +548,7 @@ size_t MutationDispatcher::MutateWithMask(uint8_t *Data, size_t Size,
|
||||||
assert(NewSize <= OneBits);
|
assert(NewSize <= OneBits);
|
||||||
(void)NewSize;
|
(void)NewSize;
|
||||||
// Even if NewSize < OneBits we still use all OneBits bytes.
|
// Even if NewSize < OneBits we still use all OneBits bytes.
|
||||||
for (size_t I = 0, J = 0; I < Size; I++)
|
for (size_t I = 0, J = 0; I < MaskedSize; I++)
|
||||||
if (Mask[I])
|
if (Mask[I])
|
||||||
Data[I] = T[J++];
|
Data[I] = T[J++];
|
||||||
return Size;
|
return Size;
|
||||||
|
|
Loading…
Reference in New Issue