Description
I originally opened this issue on the cargo-fuzz repository: cargo-fuzz #428, and one of the contributors suggested that this might be a bug in LibFuzzer itself.
Please let me know if I can be of assistance.
When trying to minify the corpus of a fuzzing target, spaces in paths are not properly escaped.
```
$ cargo fuzz --version
cargo-fuzz 0.13.1
# I am running this test on an Apple M1 (Sequoia 15.7.1) with case-insensitive APFS.
```

The paragraph below shows the error I'm getting when running the `poc.sh` script in my repo. At cargo-fuzz-poc I've created a minimal working example of the issue for verification. An additional issue I'm seeing is: if the corpus contains multiple files, `cargo +nightly fuzz cmin parse_cbor` runs into an infinite loop, and I have to kill the processes. Furthermore, I cannot reproduce the same behaviour in fuzzing mode (`cargo +nightly fuzz run parse_cbor`): there whitespace in paths doesn't seem to matter. I'm willing to provide additional information, should you require anything.

```
$ sh poc.sh
    Finished `release` profile [optimized + debuginfo] target(s) in 0.02s
    Finished `release` profile [optimized + debuginfo] target(s) in 0.01s
    Finished `release` profile [optimized + debuginfo] target(s) in 0.02s
     Running `target/aarch64-apple-darwin/release/parse_cbor '-artifact_prefix=/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/artifacts/parse_cbor/' -merge=1 '/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/.tmpJMDfRb/corpus' '/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/corpus/parse_cbor'`
parse_cbor(86522,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 977339485
INFO: Loaded 1 modules (3143 inline 8-bit counters): 3143 [0x1023b5ab0, 0x1023b66f7),
INFO: Loaded 1 PC tables (3143 PCs): 3143 [0x1023b66f8,0x1023c2b68),
MERGE-OUTER: 2 files, 0 in the initial corpus, 0 processed earlier
MERGE-OUTER: attempt 1
parse_cbor(86523,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
ERROR: The required directory "with" does not exist
MERGE-OUTER: attempt 2
parse_cbor(86524,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
ERROR: The required directory "with" does not exist
MERGE-OUTER: the control file has 313 bytes
MERGE-OUTER: consumed 0Mb (44Mb rss) to parse the control file
MERGE-OUTER: 0 new files with 0 new features added; 0 new coverage edges
```
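An added illustration, not code from this report, cargo-fuzz or libFuzzer, of the failure pattern the `The required directory "with" does not exist` line is consistent with: when a parent process joins its child's arguments with spaces and hands the string to a shell, a directory called `path with space` reaches the child as three separate arguments, while quoting each argument keeps it intact. The binary name, flag and directory paths below are constructed for the example.

```python
"""Shell-joined command lines versus per-argument quoting (constructed example)."""
from __future__ import annotations

import shlex

# Constructed paths, modelled on the `Running ...` line in the report above.
CORPUS_DIRS = [
    "/tmp/poc/path with space/example-crate/fuzz/.tmp/corpus",
    "/tmp/poc/path with space/example-crate/fuzz/corpus/parse_cbor",
]
FLAGS = ["-merge=1"]


def naive_command(binary: str, args: list[str]) -> str:
    """Join with spaces and no quoting: the fragile way to build a command string."""
    return " ".join([binary, *args])


def quoted_command(binary: str, args: list[str]) -> str:
    """Quote every argument so a POSIX shell passes it through unchanged."""
    return " ".join(shlex.quote(a) for a in [binary, *args])


def argv_seen_by_child(command: str) -> list[str]:
    """Simulate the POSIX shell word splitting the child process would see."""
    return shlex.split(command)


def positional_args(argv: list[str]) -> list[str]:
    """Non-flag arguments: what the child would treat as corpus directories."""
    return [a for a in argv[1:] if not a.startswith("-")]


def main() -> None:
    for build in (naive_command, quoted_command):
        argv = argv_seen_by_child(build("./parse_cbor", FLAGS + CORPUS_DIRS))
        print(f"{build.__name__}: {positional_args(argv)}")


if __name__ == "__main__":
    main()
```

With the naive join the child sees six "directories", the second of which is the bare word `with`; with quoting it sees exactly the two corpus paths.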