diff --git a/CHANGES b/CHANGES index f1e089d93b..f3d71e5a3c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ +3.2.0-dev.557 | 2020-05-21 11:41:12 -0700 + + * Speed up FuzzBuffer ChunkCount validity check (Justin Azoff, Corelight) + 3.2.0-dev.555 | 2020-05-20 11:19:08 -0700 * Disable output of Reporter messages to stderr in fuzz targets (Jon Siwek, Corelight) diff --git a/VERSION b/VERSION index 18a3b72a3c..69911ac90f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2.0-dev.555 +3.2.0-dev.557 diff --git a/src/fuzzers/FuzzBuffer.cc b/src/fuzzers/FuzzBuffer.cc index 0eb166c786..def5d34086 100644 --- a/src/fuzzers/FuzzBuffer.cc +++ b/src/fuzzers/FuzzBuffer.cc @@ -14,18 +14,18 @@ bool zeek::detail::FuzzBuffer::Valid(int chunk_count_limit) const if ( memcmp(begin, PKT_MAGIC, PKT_MAGIC_LEN) != 0) return false; - if ( ChunkCount() > chunk_count_limit ) + if ( ExceedsChunkLimit(chunk_count_limit) ) return false; return true; } -int zeek::detail::FuzzBuffer::ChunkCount() const +int zeek::detail::FuzzBuffer::ChunkCount(int chunk_count_limit) const { auto pos = begin; int chunks = 0; - while ( pos < end ) + while ( pos < end && (chunks < chunk_count_limit || chunk_count_limit == 0) ) { pos = (const unsigned char*)memmem(pos, end - pos, PKT_MAGIC, PKT_MAGIC_LEN); diff --git a/src/fuzzers/FuzzBuffer.h b/src/fuzzers/FuzzBuffer.h index 1959e6f18b..69ba821242 100644 --- a/src/fuzzers/FuzzBuffer.h +++ b/src/fuzzers/FuzzBuffer.h @@ -47,9 +47,18 @@ public: bool Valid(int chunk_count_limit = MAX_CHUNK_COUNT) const; /** + * @param chunk_count_limit Number of chunks to stop counting at (zero + * means "never stop"). * @return the number of chunks in the fuzz buffer object */ - int ChunkCount() const; + int ChunkCount(int chunk_count_limit = 0) const; + + /** + * @param Maximum number of chunks to permit the FuzzBuffer to have. + * @return Whether the FuzzBuffer exceeds the desired chunk count limit. + */ + bool ExceedsChunkLimit(int chunk_count_limit) const + { return ChunkCount(chunk_count_limit + 1) > chunk_count_limit; } /** * @return the next chunk to deliver, if one could be extracted