This is an archive of the discontinued LLVM Phabricator instance.

[libc] Add fuzz test for strcmp.
ClosedPublic

Authored by cgyurgyik on Jun 19 2020, 5:22 PM.

Details

Summary

Adds a fuzz test for string comparison.

This takes in two strings with associated lengths.
Verifies each string contains at least one character, and that the last character is the null terminator.
Then, finds the first instance where one of the following does not hold:

  1. i < min(size1, size2)
  2. s1[i] == s2[i]
  3. s1[i] != '\0'

The result of strcmp is then compared to the value of the difference between s1[i] and s2[i]. For thoroughness, the operands are reversed and also checked.

Diff Detail

Event Timeline

cgyurgyik created this revision.Jun 19 2020, 5:22 PM
PaulkaToast accepted this revision.Jun 22 2020, 7:34 PM

After comments are addressed LGTM but you might want to wait for approval from sivachandra.

libc/fuzzing/string/strcmp_fuzz.cpp
28

I think its beneficial to avoid dependency on C++ headers for the fuzzing tests, since std::min is only used here maybe just replace this with an if condition? It could in theory produce a circular dependency because libc++ could depend on some libc functions which is what we are trying to fuzz here.

36

nit: using continue; would make this more explicit but its totally up to you. (:

This revision is now accepted and ready to land.Jun 22 2020, 7:34 PM
sivachandra accepted this revision.Jun 22 2020, 9:27 PM
sivachandra marked an inline comment as done.

OK after addressing Paula's comments.

libc/fuzzing/string/strcmp_fuzz.cpp
13

I see Paula's comment related to this but I would like to drive this more strongly: The only headers not part of LLVM libc that are OK to include are the freestanding C headers, and the headers provided by the compiler (like stdatomic.h).

cgyurgyik updated this revision to Diff 272669.Jun 23 2020, 4:04 AM

Remove use of cpp header. Use a break statement to be more explicit.

cgyurgyik marked an inline comment as done.Jun 23 2020, 4:05 AM

Thanks Paula.

OK after addressing Paula's comments.

Thanks Siva, and acknowledged about headers.

Done. Used a break statement to be more explicit.

This revision was automatically updated to reflect the committed changes.