From a44ef027ebca1598892ea9b104d6189aeb3bc2f0 Mon Sep 17 00:00:00 2001
From: Max Moroz
Date: Wed, 4 Dec 2019 13:24:59 -0800
Subject: [PATCH] [compiler-rt] FuzzedDataProvider: do not call memcpy on empty vector.

Summary: Some versions of memcpy mark pointer arguments as __nonnull, that triggers UBSan errors even when the length passed is 0.

Reviewers: manojgupta, metzman

Subscribers: dberris, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D71031

[compiler-rt] FDP: assert that num_bytes_to_consume == 0 when size == 0.
---
 compiler-rt/include/fuzzer/FuzzedDataProvider.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/compiler-rt/include/fuzzer/FuzzedDataProvider.h b/compiler-rt/include/fuzzer/FuzzedDataProvider.h
index fd895b767d9e..3e069eba69b4 100644
--- a/compiler-rt/include/fuzzer/FuzzedDataProvider.h
+++ b/compiler-rt/include/fuzzer/FuzzedDataProvider.h
@@ -263,6 +263,12 @@ class FuzzedDataProvider {
 // which seems to be a natural choice for other implementations as well.
 // To increase the odds even more, we also call |shrink_to_fit| below.
 std::vector result(size);
+ if (size == 0) {
+ if (num_bytes_to_consume != 0)
+ abort();
+ return result;
+ }
+
 std::memcpy(result.data(), data_ptr_, num_bytes_to_consume);
 Advance(num_bytes_to_consume);
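Review bot: The new `if (size == 0)` guard carries no comment saying why the memcpy must be skipped, so a later reader may fold it back into a single `memcpy(result.data(), data_ptr_, 0)` call and reintroduce the UBSan report; I would put the rationale from the commit message directly above it: `// Do not call memcpy with result.data() == nullptr: some memcpy declarations mark the pointers __nonnull and UBSan flags that even when the length is 0.` The inner `abort()` on `num_bytes_to_consume != 0` is an internal-invariant check rather than input validation, which a second comment such as `// size == 0 means there is nothing to copy; any leftover byte count is an internal inconsistency.` would make explicit. The rendered line `std::vector result(size);` appears to have lost its template argument in this view and is presumably `std::vector<T>` in the file. The enclosing function starts before this hunk and continues after it.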