lib/zstd
1
0
Fork 0
mirror of https://github.com/facebook/zstd.git synced 2025-07-29 11:21:22 +03:00
Code Activity

fuzz: Fix FUZZ_malloc_rand() to return non-NULL for zero-size allocations

Browse Source 
The FUZZ_malloc_rand() function was incorrectly always returning NULL for
zero-size allocations. The random offset generated by
FUZZ_dataProducer_int32Range() was not being added to the pointer variable,
causing the function to always return (void *)0.
This commit is contained in:
Dominik Loidolt
2025-06-05 15:36:29 +02:00
parent bd894054c0
commit 4be08ba122
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tests/fuzz/fuzz_helpers.c
View File

@ -31,12 +31,11 @@ void* FUZZ_malloc_rand(size_t size, FUZZ_dataProducer_t *producer)
return mem; return mem;
} else { } else {
uintptr_t ptr = 0; uintptr_t ptr = 0;
/* Add +- 1M 50% of the time */ /* Return junk pointer 50% of the time */
if (FUZZ_dataProducer_uint32Range(producer, 0, 1)) if (FUZZ_dataProducer_uint32Range(producer, 0, 1))
FUZZ_dataProducer_int32Range(producer, -1000000, 1000000); ptr += FUZZ_dataProducer_int32Range(producer, -1000000, 1000000);
return (void*)ptr; return (void*)ptr;
} }
} }
int FUZZ_memcmp(void const* lhs, void const* rhs, size_t size) int FUZZ_memcmp(void const* lhs, void const* rhs, size_t size)

1
tests/fuzz/fuzz_helpers.h
View File

@ -66,6 +66,7 @@ void* FUZZ_malloc(size_t size);
/** /**
* malloc except returns random pointer for zero sized data and FUZZ_ASSERT * malloc except returns random pointer for zero sized data and FUZZ_ASSERT
* that malloc doesn't fail. * that malloc doesn't fail.
* WARNING: Only free the returned pointer if size > 0!
*/ */
void* FUZZ_malloc_rand(size_t size, FUZZ_dataProducer_t *producer); void* FUZZ_malloc_rand(size_t size, FUZZ_dataProducer_t *producer);