author | Dylan Reid <dgreid@chromium.org> | 2019-06-13 16:57:35 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-06-21 21:12:39 +0000 |
commit | b38bde9bd122aefa01fcc73442b3cd92f18086e9 (patch) | |
tree | b6cb4b7cef66d8415a7e2c019cb5e360c8a29c6b /fuzz | |
parent | d0bf5dc6026d53d21490049f57505ddd1f515a56 (diff) | |
fuzz: Comply with new guest memory requirement for page alignment
When the input's length is not page aligned, round it up. This allows the fuzzer to provide more random inputs without causing the `unwrap` call to trigger false positives when creating guest memory. BUG=chromium:972172 TEST=run fuzz case from the bug Change-Id: Iaf8f2ba943f38b90e168301dbb8c15dee5ee45c8 Signed-off-by: Dylan Reid <dgreid@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1659626 Reviewed-by: Daniel Verkamp <dverkamp@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com>
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/zimage_fuzzer.rs | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/fuzz/zimage_fuzzer.rs b/fuzz/zimage_fuzzer.rs
index f4aeb3f..d94a53d 100644
--- a/fuzz/zimage_fuzzer.rs
+++ b/fuzz/zimage_fuzzer.rs
@@ -4,7 +4,7 @@
 #![no_main]
-use sys_util::{GuestAddress, GuestMemory, SharedMemory};
+use sys_util::{round_up_to_page_size, GuestAddress, GuestMemory, SharedMemory};
 use std::fs::File;
 use std::io::Write;
@@ -30,7 +30,9 @@ pub fn test_one_input(data: *const u8, size: usize) -> i32 {
 // function.
 let bytes = unsafe { slice::from_raw_parts(data, size) };
 let mut kimage = make_elf_bin(bytes);
- let mem = GuestMemory::new(&[(GuestAddress(0), bytes.len() as u64 + 0x1000)]).unwrap();
+ // `GuestMemory` only accepts page aligned segments.
+ let len = round_up_to_page_size(bytes.len()) as u64;
+ let mem = GuestMemory::new(&[(GuestAddress(0), len)]).unwrap();
 let _ = kernel_loader::load_kernel(&mem, GuestAddress(0), &mut kimage);
 })
 .err() |
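Review bot: An empty input now produces `len == 0` in the second hunk, because `round_up_to_page_size(bytes.len())` of zero is presumably zero, whereas the removed line always added `0x1000` and so never asked for an empty region. If `GuestMemory::new` rejects a zero-length segment (its implementation is not visible here), the `.unwrap()` panics and the fuzzer records a harness crash instead of a loader finding, which is the same kind of false positive this commit is meant to remove. Consider `let len = round_up_to_page_size(bytes.len().max(1)) as u64;`, or an early return when `size == 0`, and extend the comment to say the region must be non-empty as well as page aligned. `test_one_input` starts and ends outside the hunk, so a guard on `size` may already exist above the visible lines.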