From 37c33423740483f372f8dcf3ff299b93cd80d727 Mon Sep 17 00:00:00 2001
From: Alex Crichton
Date: Mon, 24 Oct 2022 09:14:42 -0500
Subject: [PATCH] Fix accidental infinite loop in fuzz targets (#5103)
The `libfuzzer-sys` update in #5068 included some changes to the `fuzz_target!` macro which caused a bare `run` function to be shadowed by the macro-defined `run` function (changed in rust-fuzz/libfuzzer#95) which meant that some of our fuzz targets were infinite looping or stack overflowing as the same function was called indefinitely. This renames the top-level `run` function to something else in the meantime.
---
 fuzz/fuzz_targets/differential.rs | 4 ++--
 fuzz/fuzz_targets/instantiate-many.rs | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fuzz/fuzz_targets/differential.rs b/fuzz/fuzz_targets/differential.rs
index 5ba5ea06d2..e6a1f50127 100644
--- a/fuzz/fuzz_targets/differential.rs
+++ b/fuzz/fuzz_targets/differential.rs
@@ -53,10 +53,10 @@ fuzz_target!(|data: &[u8]| {
 // Errors in `run` have to do with not enough input in `data`, which we
 // ignore here since it doesn't affect how we'd like to fuzz.
- drop(run(&data));
+ drop(execute_one(&data));
 });
-fn run(data: &[u8]) -> Result<()> {
+fn execute_one(data: &[u8]) -> Result<()> {
 STATS.bump_attempts();
 let mut u = Unstructured::new(data);
diff --git a/fuzz/fuzz_targets/instantiate-many.rs b/fuzz/fuzz_targets/instantiate-many.rs
index a562abe378..ad3cd1d6a0 100644
--- a/fuzz/fuzz_targets/instantiate-many.rs
+++ b/fuzz/fuzz_targets/instantiate-many.rs
@@ -12,10 +12,10 @@ const MAX_MODULES: usize = 5;
 fuzz_target!(|data: &[u8]| {
 // errors in `run` have to do with not enough input in `data`, which we
 // ignore here since it doesn't affect how we'd like to fuzz.
- drop(run(data));
+ drop(execute_one(data));
 });
-fn run(data: &[u8]) -> Result<()> {
+fn execute_one(data: &[u8]) -> Result<()> {
 let mut u = Unstructured::new(data);
 let mut config: generators::Config = u.arbitrary()?;
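Review bot: The unchanged comment above each `drop(execute_one(...))` call, in both differential.rs and instantiate-many.rs, still refers to errors in "run", which after this rename names the macro-generated function rather than the helper; both comments should name `execute_one` instead. Nothing in the code itself records why the helper must not be called `run`, so a later tidy-up could reintroduce the shadowing and leave these targets recursing instead of fuzzing. A comment on each definition such as `// Deliberately not named run: fuzz_target! defines its own run, which would shadow this helper.` would guard against that. Both `execute_one` bodies continue outside the hunks.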