Merge pull request #11975 from keszybz/fuzzer-fixes-n

Fixes for a few fuzzer issues
2019-03-15 17:34:37 +01:00 · 2019-03-15 17:34:37 +01:00 · d449d63a0d
parent 95658673a0 0fb729282b
commit d449d63a0d
6 changed files with 13 additions and 1 deletions
--- a/src/fuzz/fuzz-env-file.c
+++ b/src/fuzz/fuzz-env-file.c
@ -12,7 +12,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_strv_free_ char **rl = NULL, **rlp =  NULL;

-        if (size == 0)
+        if (size == 0 || size > 65535)
                return 0;

        f = fmemopen((char*) data, size, "re");
--- a/src/fuzz/fuzz-env-file.options
+++ b/src/fuzz/fuzz-env-file.options
@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535
--- a/src/network/fuzz-network-parser.c
+++ b/src/network/fuzz-network-parser.c
@ -11,6 +11,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_(unlink_tempfilep) char network_config[] = "/tmp/fuzz-networkd.XXXXXX";

+        if (size > 65535)
+                return 0;
+
        if (!getenv("SYSTEMD_LOG_LEVEL"))
                log_set_max_level(LOG_CRIT);

--- a/src/network/fuzz-network-parser.options
+++ b/src/network/fuzz-network-parser.options
@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535
--- a/src/udev/net/fuzz-link-parser.c
+++ b/src/udev/net/fuzz-link-parser.c
@ -11,6 +11,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_(unlink_tempfilep) char filename[] = "/tmp/fuzz-link-config.XXXXXX";
        _cleanup_fclose_ FILE *f = NULL;

+        if (size > 65535)
+                return 0;
+
        if (!getenv("SYSTEMD_LOG_LEVEL"))
                log_set_max_level(LOG_CRIT);

--- a/src/udev/net/fuzz-link-parser.options
+++ b/src/udev/net/fuzz-link-parser.options
@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535