SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prevent MAX_STG_NUM out of bounds

Browse Source
This commit is contained in:
Alwin Berger 2025-09-01 07:46:12 +00:00
parent 1c3bc85d48
commit 479638f5b7
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
fuzzers/FRET/src/systemstate/stg.rs
View File

@ -9,6 +9,7 @@ use libafl::common::HasNamedMetadata;
use libafl::schedulers::MinimizerScheduler;
use libafl_bolts::HasRefCnt;
use serde::de::DeserializeOwned;
use std::cmp::min;
use std::path::PathBuf;
use std::sync::Arc;
use libafl::corpus::Testcase;
@ -378,7 +379,7 @@ where
//============================= Graph Feedback
pub const STG_MAP_SIZE: usize = 1<<28; // 512MB
pub const STG_MAP_SIZE: usize = 1<<29; // 1024 MB
pub static mut STG_MAP: [u16; STG_MAP_SIZE] = [0; STG_MAP_SIZE];
pub static mut MAX_STG_NUM: usize = 0;
pub unsafe fn stg_map_mut_slice<'a>() -> OwnedMutSlice<'a, u16> {
@ -447,10 +448,10 @@ fn set_observer_map(trace : &Vec<EdgeIndex>) {
STG_MAP[i] = 0;
}
for i in trace {
if MAX_STG_NUM < i.index() {
MAX_STG_NUM = i.index();
}
if i.index() < STG_MAP.len() {
if MAX_STG_NUM < i.index() {
MAX_STG_NUM = min(i.index(), STG_MAP.len() - 1);
}
STG_MAP[i.index()] = STG_MAP[i.index()].saturating_add(1);
} else {
eprintln!("STG Map index out of bounds: {}", i.index());