bugfix in resume from corpus/seed

Yevgeny Pats · Yevgeny Pats · commit 93ce7619e61d · 2019-11-10T23:15:09.000+02:00
diff --git a/examples/zlib/fuzz.js b/examples/zlib/fuzz.js
@@ -30,7 +30,8 @@ const expected = [
   'incorrect data check',
   'invalid literal/length code',
   'invalid bit length repeat',
-  'invalid code'
-]
+  'invalid code',
+  'invalid literal'
+];
 
-exports.fuzz = fuzz
+exports.fuzz = fuzz;
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jsfuzz",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "Coverage Guided Javascript Fuzzer",
   "main": "build/src/index.js",
   "types": "build/src/inde.d.ts",
diff --git a/src/corpus.ts b/src/corpus.ts
@@ -4,20 +4,24 @@ import {uint16, uint32} from "./math";
 var crypto = require('crypto');
 
 const INTERESTING8 = new Uint8Array([-128, -1, 0, 1, 16, 32, 64, 100, 127]);
-const INTERESTING16 = new Uint16Array([-32768, -129, 128, 255, 256, 512, 1000, 1024, 4096, 32767]);
-const INTERESTING32 = new Uint32Array([-2147483648, -100663046, -32769, 32768, 65535, 65536, 100663045, 2147483647]);
+const INTERESTING16 = new Uint16Array([-32768, -129, 128, 255, 256, 512, 1000, 1024, 4096, 32767, -128, -1, 0, 1, 16, 32, 64, 100, 127]);
+const INTERESTING32 = new Uint32Array([-2147483648, -100663046, -32769, 32768, 65535, 65536, 100663045, 2147483647, -32768, -129, 128, 255, 256, 512, 1000, 1024, 4096, 32767]);
 
 
 export class Corpus {
     private inputs: Buffer[];
     private seedPath: string | undefined;
     private corpusPath: string | undefined;
     private maxInputSize: number;
+    private seedLength: number;
 
     constructor(dir: string[]) {
         this.inputs = [];
         this.maxInputSize = 4096;
         for (let i of dir) {
+            if (!fs.existsSync(i)) {
+                fs.mkdirSync(i);
+            }
             if (fs.lstatSync(i).isDirectory()) {
                 if (!this.corpusPath) {
                     this.corpusPath = i;
@@ -27,6 +31,7 @@ export class Corpus {
                 this.inputs.push(fs.readFileSync(i));
             }
         }
+        this.seedLength = this.inputs.length;
 
     }
 
@@ -42,8 +47,12 @@ export class Corpus {
     }
 
     generateInput() {
+        if (this.seedLength > 0) {
+            this.seedLength -= 1;
+            return this.inputs[this.seedLength];
+        }
         if (this.inputs.length === 0) {
-            const buf = Buffer.alloc(0, 0)
+            const buf = Buffer.alloc(0, 0);
             this.putBuffer(buf);
             return buf;
         }

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "jsfuzz",`
`3`		`- "version": "1.0.12",`
	`3`	`+ "version": "1.0.13",`
`4`	`4`	`"description": "Coverage Guided Javascript Fuzzer",`
`5`	`5`	`"main": "build/src/index.js",`
`6`	`6`	`"types": "build/src/inde.d.ts",`