Improve FuzzBuffer chunking

FuzzBuffer now allocates a new buffer for each chunk to better detect over-reads.
Jon Siwek 2020-04-27 16:25:56 -07:00
parent 8e6539b55f
commit 2922bf71b6
3 changed files with 37 additions and 28 deletions


@ -1,6 +1,8 @@
#pragma once
#include <cstddef>
#include <memory>
#include <optional>
namespace zeek {
@ -15,6 +17,13 @@ namespace zeek {
* send along to an analyzers Deliver method.
*/
class FuzzBuffer {
public:
struct Chunk {
std::unique_ptr<unsigned char[]> data;
size_t size;
bool is_orig;
};
static constexpr int PKT_MAGIC_LEN = 4;
static constexpr unsigned char PKT_MAGIC[PKT_MAGIC_LEN + 1] = "\1PKT";
@ -35,13 +44,9 @@ class FuzzBuffer {
bool Valid() const;
/**
* Finds the next chunk of data to pass along to an analyzer.
* @param chunk the data chunk to return
* @param len the size of the chunk returned in *chunk*
* @param is_orig whether returned chunk is from originator or responder
* @return a value less than zero if a chunk could not be extracted
* @return the next chunk to deliver, if one could be extracted
*/
int Next(const unsigned char** chunk, size_t* len, bool* is_orig);
std::optional<Chunk> Next();
private: