diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2021-06-25 17:57:13 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2021-06-26 07:11:49 +0200 |
| commit | 9d2ab5dfe7727dfea4b9b279f4edf731acb386ef (patch) | |
| tree | a56258ffd87a643c865e3ceab976e8ba948073e6 /prog | |
| parent | ae6bf8ddebd14f2e21c155c0bdf555b92d3eaf7a (diff) | |
syz-manager, syz-fuzzer: filter stale glob values in the corpus
Corpus may accumulate glob values that are already filtered out
by descriptions (e.g. some harmful files), for an example see:
https://groups.google.com/g/syzkaller-bugs/c/W_R0O4XWpfY/m/sdwwg2_hAwAJ
Pass glob files to the manager and filter out values that
are not present in the glob already.
Also use the same caching scheme we use for features and
enabled syscalls so that fuzzers don't need to scan globs every time.
Diffstat (limited to 'prog')
| -rw-r--r-- | prog/encoding.go | 3 | ||||
| -rw-r--r-- | prog/types.go | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/prog/encoding.go b/prog/encoding.go index e66535e2a..b389fc10d 100644 --- a/prog/encoding.go +++ b/prog/encoding.go @@ -549,7 +549,8 @@ func (p *parser) parseArgString(t Type, dir Dir) (Arg, error) { data = append(data, make([]byte, diff)...) } data = data[:size] - if typ.Kind == BufferString && len(typ.Values) != 0 && + if (typ.Kind == BufferString || typ.Kind == BufferGlob) && + len(typ.Values) != 0 && // AUTOGENERATED will be padded by 0's. !strings.HasPrefix(typ.Values[0], "AUTOGENERATED") { matched := false diff --git a/prog/types.go b/prog/types.go index 66ce3ced0..86346c50f 100644 --- a/prog/types.go +++ b/prog/types.go @@ -503,7 +503,7 @@ type BufferType struct { RangeEnd uint64 // for BufferBlobRange kind Text TextKind // for BufferText SubKind string - Values []string // possible values for BufferString kind + Values []string // possible values for BufferString and BufferGlob kind NoZ bool // non-zero terminated BufferString/BufferFilename } |