xenbits.xensource.com Git - people/dariof/xen.git/commitdiff
fuzz/x86_emulate: clear errors after each iteration
author    George Dunlap <george.dunlap@citrix.com>
          Mon, 9 Oct 2017 14:04:11 +0000 (16:04 +0200)
committer Jan Beulich <jbeulich@suse.com>
          Mon, 9 Oct 2017 14:04:11 +0000 (16:04 +0200)
Once feof() returns true for a stream, it will continue to return true
for that stream until clearerr() is called (or the stream is closed
and re-opened).

In llvm-clang-fast-mode, the same file descriptor is used for each
iteration of the loop, meaning that the "Input too large" check was
broken -- feof() would return true even if the fread() hadn't hit the
end of the file.  The result is that AFL generates testcases of
arbitrary size.

Fix this by clearing the error after each iteration.

Signed-off-by: George Dunlap <george.dunlap@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
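The stale-EOF failure the commit message describes, reproduced as an added example (this is not code from the Xen tree or from the patch author). The "fuzzer side" rewrites the file contents and rewinds the underlying descriptor with lseek(), mirroring how afl-fuzz rewrites its input file in place, while the "harness side" keeps a single stdio stream open across iterations. INPUT_MAX, read_testcase(), replace_testcase() and second_iteration() are names assumed for this demonstration, not the harness's own; the test cases are constructed.

```c
/* Added example: why a sticky feof() breaks an "input too large" check
 * when one stdio stream is reused across fuzzing iterations. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define INPUT_MAX 8   /* assumed buffer size for this demo, not the harness's INPUT_SIZE */

enum read_result { READ_OK, READ_TOO_LARGE, READ_ERROR };

/* One harness iteration: read at most INPUT_MAX bytes and reject the test
 * case if the stream did not reach EOF, i.e. if bytes were left unread.
 * The check is only meaningful if the EOF indicator is fresh. */
static enum read_result read_testcase(FILE *fp, unsigned char *buf, size_t *len)
{
    *len = fread(buf, 1, INPUT_MAX, fp);
    if ( ferror(fp) )
        return READ_ERROR;
    if ( !feof(fp) )
        return READ_TOO_LARGE;   /* more input pending than INPUT_MAX */
    return READ_OK;
}

/* Stand-in for the fuzzer side: replace the file's contents and rewind the
 * shared descriptor without touching the stdio stream, so the stream's EOF
 * indicator survives from the previous iteration. */
static int replace_testcase(FILE *fp, const void *data, size_t len)
{
    int fd = fileno(fp);

    if ( lseek(fd, 0, SEEK_SET) < 0 ||
         write(fd, data, len) != (ssize_t)len ||
         ftruncate(fd, (off_t)len) < 0 ||
         lseek(fd, 0, SEEK_SET) < 0 )
        return -1;
    return 0;
}

/* Two iterations on one stream: a small test case, then an oversized one.
 * Returns the verdict of the second read, with or without clearerr() in
 * between.  Without it the stale EOF indicator makes the oversized case
 * pass as READ_OK; with it the size check works and returns READ_TOO_LARGE. */
static enum read_result second_iteration(int clear_between)
{
    static const unsigned char small[] = "abc";           /* constructed, 3 bytes */
    static const unsigned char big[]   = "0123456789AB";  /* constructed, 12 bytes */
    unsigned char buf[INPUT_MAX];
    size_t len;
    enum read_result r;
    FILE *fp = tmpfile();

    if ( !fp )
        return READ_ERROR;

    if ( replace_testcase(fp, small, sizeof(small) - 1) )
        goto fail;
    r = read_testcase(fp, buf, &len);
    if ( r != READ_OK || len != sizeof(small) - 1 )
        goto fail;                /* first iteration is expected to be clean */

    if ( clear_between )
        clearerr(fp);             /* the fix: drop the EOF indicator before reuse */

    if ( replace_testcase(fp, big, sizeof(big) - 1) )
        goto fail;
    r = read_testcase(fp, buf, &len);
    fclose(fp);
    return r;

 fail:
    fclose(fp);
    return READ_ERROR;
}

int main(void)
{
    printf("without clearerr(): %s\n",
           second_iteration(0) == READ_OK ? "oversized input accepted (bug)" : "rejected");
    printf("with clearerr():    %s\n",
           second_iteration(1) == READ_TOO_LARGE ? "oversized input rejected" : "accepted");
    return 0;
}
```

On glibc 2.28 and later the second fread() after a sticky EOF does not even issue a read() and returns 0, so the buggy path hands the fuzz target an empty buffer; on older libcs it returns the first INPUT_MAX bytes of the oversized case. In both cases feof() is still true and the size check is defeated, which is exactly what the patch's clearerr() prevents.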
tools/fuzz/x86_instruction_emulator/afl-harness.c

index 154869336a858673651e3b2ce84e8c0a1b492e93..b4d15451b5786c526786e509557104c4f435a30b 100644 (file)
@@ -97,6 +97,8 @@ int main(int argc, char **argv)
             fclose(fp);
             fp = NULL;
         }
+        else
+            clearerr(fp);
 
         LLVMFuzzerTestOneInput(input, size);
     }
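Review bot: clearerr(fp) in the new else branch resets the stream's error indicator together with its EOF indicator, so a read error that ferror(fp) would have reported for this iteration is no longer visible on the next one; make sure ferror(fp) is checked and acted on before this point, or move the call so it only runs after that check. A one-line comment above `else` / `clearerr(fp);` saying that the EOF indicator must be dropped because the stream is kept open across iterations would also help, since the commit message explains this but the code does not.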