29 lines
1,007 B
Diff
29 lines
1,007 B
Diff
diff --git a/src/libfuzzer/libfuzzer_mutator.cc b/src/libfuzzer/libfuzzer_mutator.cc
|
|
index 34d144c..b671fd4 100644
|
|
--- a/src/libfuzzer/libfuzzer_mutator.cc
|
|
+++ b/src/libfuzzer/libfuzzer_mutator.cc
|
|
@@ -14,6 +14,8 @@
|
|
|
|
#include "src/libfuzzer/libfuzzer_mutator.h"
|
|
|
|
+#include <sanitizer/msan_interface.h>
|
|
+
|
|
#include <string.h>
|
|
|
|
#include <algorithm>
|
|
@@ -64,6 +66,7 @@ template <class T>
|
|
T MutateValue(T v) {
|
|
size_t size =
|
|
LLVMFuzzerMutate(reinterpret_cast<uint8_t*>(&v), sizeof(v), sizeof(v));
|
|
+ __msan_unpoison(reinterpret_cast<uint8_t*>(&v), size);
|
|
memset(reinterpret_cast<uint8_t*>(&v) + size, 0, sizeof(v) - size);
|
|
return v;
|
|
}
|
|
@@ -93,6 +96,7 @@ std::string Mutator::MutateString(const std::string& value,
|
|
result.resize(std::max(1, new_size));
|
|
result.resize(LLVMFuzzerMutate(reinterpret_cast<uint8_t*>(&result[0]),
|
|
value.size(), result.size()));
|
|
+ __msan_unpoison(reinterpret_cast<uint8_t*>(&result[0]), result.size());
|
|
return result;
|
|
}
|
|
|