diff options
author | Daniel Verkamp <dverkamp@chromium.org> | 2019-06-05 10:19:02 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-06-25 17:12:05 +0000 |
commit | 6b51bd334fcf384595629a69ad54950b441adb72 (patch) | |
tree | 88d83bf466b89d99f9084de1499ef6256c3d2ab6 /fuzz | |
parent | dade4c7425d44033f6a312209cf0a5d6a69a31ca (diff) | |
download | crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar.gz crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar.bz2 crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar.lz crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar.xz crosvm-6b51bd334fcf384595629a69ad54950b441adb72.tar.zst crosvm-6b51bd334fcf384595629a69ad54950b441adb72.zip |
fuzz: zimage: use a fixed guest memory size
GuestMemory::new returns an error if the requested size is not divisible by the page size. The zimage fuzzer was using a GuestMemory size based on the size of the fuzzer input; however, it doesn't necessarily make sense to limit the guest memory to the size of the input. Pick an arbitrary 256 MB (matching the block fuzzer), which is also a page size multiple to resolve the original issue. BUG=chromium:977883 TEST=/usr/libexec/fuzzers/crosvm_zimage_fuzzer in cros_fuzz shell Change-Id: I08c6be9d920bede18d67f8a1c5c39b9d37fb839c Signed-off-by: Daniel Verkamp <dverkamp@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1645040 Tested-by: kokoro <noreply+kokoro@google.com>
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/zimage_fuzzer.rs | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/fuzz/zimage_fuzzer.rs b/fuzz/zimage_fuzzer.rs index d94a53d..b0ee523 100644 --- a/fuzz/zimage_fuzzer.rs +++ b/fuzz/zimage_fuzzer.rs @@ -4,7 +4,7 @@ #![no_main] -use sys_util::{round_up_to_page_size, GuestAddress, GuestMemory, SharedMemory}; +use sys_util::{GuestAddress, GuestMemory, SharedMemory}; use std::fs::File; use std::io::Write; @@ -12,6 +12,8 @@ use std::panic; use std::process; use std::slice; +const MEM_SIZE: u64 = 256 * 1024 * 1024; + fn make_elf_bin(elf_bytes: &[u8]) -> File { let mut shm = SharedMemory::new(None).expect("failed to create shared memory"); shm.set_size(elf_bytes.len() as u64) @@ -30,9 +32,7 @@ pub fn test_one_input(data: *const u8, size: usize) -> i32 { // function. let bytes = unsafe { slice::from_raw_parts(data, size) }; let mut kimage = make_elf_bin(bytes); - // `GuestMemory` only accepts page aligned segments. - let len = round_up_to_page_size(bytes.len()) as u64; - let mem = GuestMemory::new(&[(GuestAddress(0), len)]).unwrap(); + let mem = GuestMemory::new(&[(GuestAddress(0), MEM_SIZE)]).unwrap(); let _ = kernel_loader::load_kernel(&mem, GuestAddress(0), &mut kimage); }) .err() |