From f2bd032044ca3cd4b454dd0ba86719effcf34dc0 Mon Sep 17 00:00:00 2001
From: Yu Watanabe
Date: Wed, 16 Dec 2020 04:44:31 +0900
Subject: [PATCH] journal: refuse data which contain invalid fields

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25353.
---
 src/journal/journal-file.c | 3 +++
 test/fuzz/fuzz-journal-remote/oss-fuzz-25353 | Bin 0 -> 45 bytes
 2 files changed, 3 insertions(+)
 create mode 100644 test/fuzz/fuzz-journal-remote/oss-fuzz-25353

diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index 18dc3072b4..fa117ab63c 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -1572,6 +1572,9 @@ static int journal_file_append_field(
 assert(f);
 assert(field && size > 0);
 
+ if (!journal_field_valid(field, size, true))
+ return -EBADMSG;
+
 hash = journal_file_hash_data(f, field, size);
 
 r = journal_file_find_field_object_with_hash(f, field, size, hash, &o, &p);
diff --git a/test/fuzz/fuzz-journal-remote/oss-fuzz-25353 b/test/fuzz/fuzz-journal-remote/oss-fuzz-25353
new file mode 100644
index 0000000000000000000000000000000000000000..94e5fbb93e6badfa33b420d12b9c92528fc9ac92
GIT binary patch
literal 45
lcma!#4{~+%3GwuGjRz6IA&$NQwuW5)xwsf0KmiW8xBv&T2?PKD

literal 0
HcmV?d00001
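Review bot: The bare `true` passed to `journal_field_valid()` in the added check in `journal_file_append_field()` does not say at the call site which field names it still accepts. Assuming it is the flag that permits protected, underscore-prefixed names, a short comment such as `/* allow_protected: '_'-prefixed fields are accepted at the file layer (confirm callers filter untrusted ones) */` would record why the permissive mode is intended here. The rejection path returns `-EBADMSG`; if callers outside this hunk interpret that code as on-disk corruption, a malformed field in incoming data would be handled as though the journal file itself were damaged, so that mapping should be confirmed or a distinct error chosen. The function body starts and ends outside the hunk, so how the return value is propagated is not visible here.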