go1.18 fuzzing doesn't instrument string comparison?
Question
go1.18beta1
The fuzzer is unable to figure out that "tomatos" is a crasher after almost 40M iterations. Is string comparison not instrumented in go1.18 beta, or perhaps there is a flag that I am missing? I was able to write a very similar test case with dvyukov's go-fuzz, and it crashes in about 25 fuzzing iterations.
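import "testing"

func FuzzThing(f *testing.F) {
	f.Fuzz(func(t *testing.T, b []byte) {
		// Skip inputs shorter than 6 bytes.
		if len(b) < 6 {
			return
		}
		// Fail only on the exact 7-byte value "tomatos".
		if string(b) == "tomatos" {
			t.Fatalf("error!")
		}
	})
}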
Answer 1
Score: 1
String comparison instrumentation isn't present:
https://github.com/golang/go/issues/50231
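Why one uninstrumented comparison stalls a feedback-guided search, as an added toy model (not code from the post and not Go's fuzzing engine). The names `atomicFeedback`, `prefixFeedback` and `search` are hypothetical, the input length is fixed at 7 bytes for simplicity, and the returned score stands in for coverage feedback.

```go
package main

import (
	"fmt"
	"math/rand"
)

// Toy model only: the score a target reports stands in for coverage feedback.
const magic = "tomatos" // the crashing input from the question

// atomicFeedback models an uninstrumented string(b) == magic: equal or not.
func atomicFeedback(b []byte) int {
	if string(b) == magic {
		return 1
	}
	return 0
}

// prefixFeedback models a comparison whose progress is visible byte by byte.
func prefixFeedback(b []byte) int {
	n := 0
	for n < len(b) && n < len(magic) && b[n] == magic[n] {
		n++
	}
	return n
}

// search mutates one random byte per iteration and keeps the mutant only if
// the feedback score increased. It returns the iteration that produced
// magic, or -1 if the budget ran out first.
func search(feedback func([]byte) int, budget int, seed int64) int {
	rng := rand.New(rand.NewSource(seed))
	cur := make([]byte, len(magic)) // start from all-zero bytes
	best := feedback(cur)
	for i := 1; i <= budget; i++ {
		m := append([]byte(nil), cur...)
		m[rng.Intn(len(m))] = byte(rng.Intn(256))
		if string(m) == magic {
			return i
		}
		if s := feedback(m); s > best {
			cur, best = m, s
		}
	}
	return -1
}

func main() {
	fmt.Println(search(atomicFeedback, 200000, 1), search(prefixFeedback, 200000, 1))
}
```

With the all-or-nothing score no mutant is ever kept, so the search never leaves its starting input; with per-byte progress each correct byte is retained and the value is reached well inside the budget.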