internal/fuzz: allocate memory for mutated strings

Rather than directly pointing at the underlying scratch slice, allocate memory for strings. This prevents mutation of previous values we've passed to the fuzz function, which may be retained by something that expects them to be immutable. Fixes golang/go#48308 Change-Id: Iee9bed1a536fdc4188180e8e7c1c722f641271d2 Reviewed-on: https://go-review.googlesource.com/c/go/+/351312 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org>
2025-04-04 20:47:36 +03:00 · 2021-09-14 12:40:10 -07:00 · 2021-09-14 12:40:10 -07:00 · 989da43a69
commit 989da43a69
parent 1f62274f5e
2 changed files with 17 additions and 6 deletions
--- a/fuzz/mutator.go
+++ b/fuzz/mutator.go
@ -106,12 +106,7 @@ func (m *mutator) mutate(vals []interface{}, maxBytes int) {
 			copy(m.scratch, v)
 		}
 		m.mutateBytes(&m.scratch)
-		var s string
-		shdr := (*reflect.StringHeader)(unsafe.Pointer(&s))
-		bhdr := (*reflect.SliceHeader)(unsafe.Pointer(&m.scratch))
-		shdr.Data = bhdr.Data
-		shdr.Len = bhdr.Len
-		vals[i] = s
+		vals[i] = string(m.scratch)
 	case []byte:
 		if len(v) > maxPerVal {
 			panic(fmt.Sprintf("cannot mutate bytes of length %d", len(v)))
--- a/fuzz/mutator_test.go
+++ b/fuzz/mutator_test.go
@ -5,6 +5,7 @@
 package fuzz

 import (
+	"bytes"
 	"fmt"
 	"os"
 	"strconv"
@ -99,3 +100,18 @@ func BenchmarkMutatorAllBasicTypes(b *testing.B) {
 		})
 	}
 }
+
+func TestStringImmutability(t *testing.T) {
+	v := []interface{}{"hello"}
+	m := newMutator()
+	m.mutate(v, 1024)
+	original := v[0].(string)
+	originalCopy := make([]byte, len(original))
+	copy(originalCopy, []byte(original))
+	for i := 0; i < 25; i++ {
+		m.mutate(v, 1024)
+	}
+	if !bytes.Equal([]byte(original), originalCopy) {
+		t.Fatalf("string was mutated: got %x, want %x", []byte(original), originalCopy)
+	}
+}