
bug in eliminate_double_null leads to early exit #17

@zjuchenyuan

computing MORECOM calculation...
[*] taintflow finished.
[*] Going for new generation creation.

in get_cut

offset 677
in get_cut

offset 51
[*] 0 offset set
in get_cut

offset 402
in get_cut

random offset 0
[*] 0 offset set
in get_cut

random offset 279
in get_cut

Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 763, in run
    self.__target(*self.__args, **self.__kwargs)
  File "runfuzzer.py", line 818, in main
    gau.createNextGeneration3(fitnes,genran)
  File "/vuzzer/gautils.py", line 455, in createNextGeneration3
    mch1= ga.mutate(ch1,sin1)
  File "/vuzzer/operators.py", line 294, in mutate
    result=self.r.choice(self.mutators)(self, original,fl)
  File "/vuzzer/operators.py", line 256, in double_fuzz
    return self.r.choice(self.mutators)(self, result,fl)
  File "/vuzzer/operators.py", line 256, in double_fuzz
    return self.r.choice(self.mutators)(self, result,fl)
  File "/vuzzer/operators.py", line 228, in eliminate_double_null
    cut_pos = original.find('\0\0', self.r.randint(0, size))
  File "/usr/lib/python2.7/random.py", line 240, in randint
    return self.randrange(a, b+1)
  File "/usr/lib/python2.7/random.py", line 216, in randrange
    raise ValueError, "empty range for randrange() (%d,%d, %d)" % (istart, istop, width)
ValueError: empty range for randrange() (0,0, 0)

the function eliminate_double_null is:

    def eliminate_double_null(self, original, fl,replacement = 'AA'):
        # size is the highest valid index; for an empty input it is -1
        size = len(original) - 1
        # randint(0, -1) is an empty range, which is the ValueError in the traceback above
        cut_pos = original.find('\0\0', self.r.randint(0, size))
        if (cut_pos != -1):
            # replace the two null bytes; both the match and the replacement are 2 chars, so the size is unchanged
            result = ''.join([original[:cut_pos], replacement, original[cut_pos + 2:]])
        else:
            return original
        #assert len(original) == len(result), "size changed on a null elmination change %d %d" % (len(original), len(result))
        return result

maybe, we should add a line:

    if size <= 0:
        return original
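The guard proposed above, carried into a runnable Python 3 version of the mutator as an added example (this is not code from the VUzzer repository): it works on `bytes` rather than Python 2 `str`, and `FixedStart` is a constructed stand-in for the fuzzer's RNG (`self.r`) so that the start-offset behaviour can be observed deterministically.

```python
import random


class FixedStart(object):
    """Stand-in for the fuzzer's RNG (self.r in operators.py) that always
    returns the same start offset, so the search behaviour is visible."""

    def __init__(self, value):
        self.value = value

    def randint(self, a, b):
        assert a <= self.value <= b, "fixed offset outside requested range"
        return self.value


def eliminate_double_null(original, rng, replacement=b'AA'):
    """Hardened mutator: replace the first b'\\x00\\x00' found at or after a
    random start offset.  Inputs shorter than two bytes cannot contain a
    pair, so they are returned untouched; this is the guard the traceback
    calls for (size == -1 made randint(0, size) an empty range)."""
    if len(original) < 2:
        return original
    size = len(original) - 1                  # highest valid index
    start = rng.randint(0, size)              # never an empty range now
    cut_pos = original.find(b'\x00\x00', start)
    if cut_pos == -1:
        return original                       # no pair at or after start
    # both the match and the replacement are 2 bytes, so length is preserved
    return original[:cut_pos] + replacement + original[cut_pos + 2:]


def demo():
    sample = b'AB\x00\x00CD'   # constructed sample input
    return {
        'empty': eliminate_double_null(b'', random.Random(1)),
        'single': eliminate_double_null(b'\x00', random.Random(1)),
        'hit': eliminate_double_null(sample, FixedStart(0)),
        # start offset past the pair: find() misses it, input is unchanged
        'miss': eliminate_double_null(sample, FixedStart(3)),
    }


if __name__ == '__main__':
    for name, out in demo().items():
        print(name, out)
```

Note that the mutator only searches from the random offset onward, so a double null earlier in the input is left alone on that call; the `miss` case shows this.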
