During unit tests, it was observed that crafting an artificially small DSO could cause OOB memory to be accessed. This change fixes that (but again, the affected DSOs are unlikely to ever occur outside unit tests).
Details
Details
Diff Detail
Diff Detail
Event Timeline
compiler-rt/lib/fuzzer/FuzzerTracePC.h | ||
---|---|---|
196 | Just saw this while merging from upstream since we have a similar but conflicting diff. Shouldn't it be < rather than <=? I believe end is a one-past-the end pointer but it's been a while since I looked at this code? The loop below also uses <. I made this change for CHERI a long time ago when porting libfuzzer but forgot to upstream it despite marking at as such: https://github.com/CTSRD-CHERI/llvm-project/commit/a09ee83464be3e287cdf82ff22e67d66f476a6c0 |
Just saw this while merging from upstream since we have a similar but conflicting diff. Shouldn't it be < rather than <=? I believe end is a one-past-the end pointer but it's been a while since I looked at this code? The loop below also uses <.
I made this change for CHERI a long time ago when porting libfuzzer but forgot to upstream it despite marking at as such: https://github.com/CTSRD-CHERI/llvm-project/commit/a09ee83464be3e287cdf82ff22e67d66f476a6c0