
Commit f11daa5d authored by Christopher Ferris Committed by Automerger Merge Worker

Merge "Fix fuzzer so it doesn't add overlapping maps." am: a39e39fe am: 46f2a822

Original change: https://android-review.googlesource.com/c/platform/system/core/+/1387875

Change-Id: I022825db56d21d77a8b8826ad0c7cbb266daaa9b
parents 56eb247d 46f2a822
+23 −3
@@ -16,6 +16,11 @@


#include "UnwinderComponentCreator.h"
#include "UnwinderComponentCreator.h"


#include <map>
#include <memory>
#include <string>
#include <vector>

std::unique_ptr<Regs> GetRegisters(ArchEnum arch) {
std::unique_ptr<Regs> GetRegisters(ArchEnum arch) {
  switch (arch) {
  switch (arch) {
    case unwindstack::ARCH_ARM: {
    case unwindstack::ARCH_ARM: {
@@ -109,13 +114,28 @@ ElfFake* PopulateElfFake(FuzzedDataProvider* data_provider) {
  return elf;
  return elf;
}
}


static constexpr size_t kPageSize = 4096;

static constexpr uint64_t AlignToPage(uint64_t address) {
  return (address + kPageSize - 1) & ~(kPageSize - 1);
}

std::unique_ptr<Maps> GetMaps(FuzzedDataProvider* data_provider) {
std::unique_ptr<Maps> GetMaps(FuzzedDataProvider* data_provider) {
  std::unique_ptr<Maps> maps = std::make_unique<Maps>();
  std::unique_ptr<Maps> maps = std::make_unique<Maps>();
  std::map<uint64_t, uint64_t> map_ends;
  uint8_t entry_count = data_provider->ConsumeIntegralInRange<uint8_t>(0, kMaxMapEntryCount);
  uint8_t entry_count = data_provider->ConsumeIntegralInRange<uint8_t>(0, kMaxMapEntryCount);
  for (uint8_t i = 0; i < entry_count; i++) {
  for (uint8_t i = 0; i < entry_count; i++) {
    uint64_t start = data_provider->ConsumeIntegral<uint64_t>();
    uint64_t start = AlignToPage(data_provider->ConsumeIntegral<uint64_t>());
    uint64_t end = data_provider->ConsumeIntegralInRange<uint64_t>(start, UINT64_MAX);
    uint64_t end = AlignToPage(data_provider->ConsumeIntegralInRange<uint64_t>(start, UINT64_MAX));
    uint64_t offset = data_provider->ConsumeIntegral<uint64_t>();
    // Make sure not to add overlapping maps, that is not something that can
    // happen in the real world.
    auto entry = map_ends.upper_bound(start);
    if (entry != map_ends.end() && end > entry->second) {
      continue;
    }
    map_ends[end] = start;

    uint64_t offset = AlignToPage(data_provider->ConsumeIntegral<uint64_t>());
    std::string map_info_name = data_provider->ConsumeRandomLengthString(kMaxMapInfoNameLen);
    std::string map_info_name = data_provider->ConsumeRandomLengthString(kMaxMapInfoNameLen);
    uint8_t flags = PROT_READ | PROT_WRITE;
    uint8_t flags = PROT_READ | PROT_WRITE;