From b38bde9bd122aefa01fcc73442b3cd92f18086e9 Mon Sep 17 00:00:00 2001
From: Dylan Reid
Date: Thu, 13 Jun 2019 16:57:35 -0700
Subject: fuzz: Comply with new guest memory requirement for page alignment

When the input's length is not page aligned, round it up. This allows the fuzzer to provide more random inputs without causing the `unwrap` call to trigger false positives when creating guest memory.

BUG=chromium:972172
TEST=run fuzz case from the bug

Change-Id: Iaf8f2ba943f38b90e168301dbb8c15dee5ee45c8
Signed-off-by: Dylan Reid
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1659626
Reviewed-by: Daniel Verkamp
Tested-by: kokoro
---
 fuzz/zimage_fuzzer.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'fuzz')

diff --git a/fuzz/zimage_fuzzer.rs b/fuzz/zimage_fuzzer.rs
index f4aeb3f..d94a53d 100644
--- a/fuzz/zimage_fuzzer.rs
+++ b/fuzz/zimage_fuzzer.rs
@@ -4,7 +4,7 @@
 #![no_main]
-use sys_util::{GuestAddress, GuestMemory, SharedMemory};
+use sys_util::{round_up_to_page_size, GuestAddress, GuestMemory, SharedMemory};
 use std::fs::File;
 use std::io::Write;
@@ -30,7 +30,9 @@ pub fn test_one_input(data: *const u8, size: usize) -> i32 {
         // function.
         let bytes = unsafe { slice::from_raw_parts(data, size) };
         let mut kimage = make_elf_bin(bytes);
-        let mem = GuestMemory::new(&[(GuestAddress(0), bytes.len() as u64 + 0x1000)]).unwrap();
+        // `GuestMemory` only accepts page aligned segments.
+        let len = round_up_to_page_size(bytes.len()) as u64;
+        let mem = GuestMemory::new(&[(GuestAddress(0), len)]).unwrap();
         let _ = kernel_loader::load_kernel(&mem, GuestAddress(0), &mut kimage);
     })
     .err()
-- 
cgit 1.4.1
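Review bot: The zero-length input case can still reach the `unwrap` on the `GuestMemory::new` line in the second hunk: the fuzzer does hand the harness empty inputs, and `round_up_to_page_size(0)` presumably stays 0, so the region would be requested with length 0, which is a plausible mapping failure rather than a finding. The removed line always kept at least `0x1000` bytes of slack, whereas the new `len` equals `bytes.len()` exactly for an already-aligned input; that part is harmless because `load_kernel`'s error is discarded with `let _`, but the zero case is not. Keeping a one-page floor, `let len = round_up_to_page_size(bytes.len().max(1)) as u64;`, covers it without changing the intent of the comment above it. The enclosing closure and `test_one_input` continue outside the hunk.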