Merge remote-tracking branch 'origin/topic/jazoff/fuzz-size-limits'

- I rolled the fuzz chunk limit check into FuzzBuffer::Valid()

* origin/topic/jazoff/fuzz-size-limits:
  Skip fuzz inputs that have more than 64 chunks
Jon Siwek 2020-05-20 10:56:17 -07:00
commit ce6459ed6f
2 changed files with 33 additions and 3 deletions


@ -6,7 +6,7 @@
#include "FuzzBuffer.h"
bool zeek::detail::FuzzBuffer::Valid() const
bool zeek::detail::FuzzBuffer::Valid(int chunk_count_limit) const
{
if ( end - begin < PKT_MAGIC_LEN + 2 )
return false;
@ -14,9 +14,31 @@ bool zeek::detail::FuzzBuffer::Valid() const
if ( memcmp(begin, PKT_MAGIC, PKT_MAGIC_LEN) != 0)
return false;
if ( ChunkCount() > chunk_count_limit )
return false;
return true;
}
int zeek::detail::FuzzBuffer::ChunkCount() const
{
auto pos = begin;
int chunks = 0;
while ( pos < end )
{
pos = (const unsigned char*)memmem(pos, end - pos,
PKT_MAGIC, PKT_MAGIC_LEN);
if ( ! pos )
break;
pos += PKT_MAGIC_LEN + 1;
chunks++;
}
return chunks;
}
std::optional<zeek::detail::FuzzBuffer::Chunk> zeek::detail::FuzzBuffer::Next()
{
if ( begin == end )
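Review bot: In the new ChunkCount(), `pos += PKT_MAGIC_LEN + 1;` moves `pos` to `end + 1` when memmem() matches the magic in the final PKT_MAGIC_LEN bytes of the buffer. The `pos < end` test then ends the loop without reading anything, but forming a pointer more than one past the end is undefined behaviour. Counting first and stopping when no byte follows the match avoids it: `chunks++; if ( end - pos <= PKT_MAGIC_LEN ) break; pos += PKT_MAGIC_LEN + 1;`. Because Valid() only needs to know whether the limit was exceeded, the scan could also stop as soon as `chunks > chunk_count_limit` instead of walking the whole input. A one-line comment on ChunkCount() would help too, stating that it counts occurrences of PKT_MAGIC in the raw bytes, which may not equal the number of chunks Next() yields (the body of Next() is outside this hunk).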