fuzz: limit size for fuzz-manager-serialize

author Yu Watanabe <watanabe.yu+github@gmail.com>

Mon, 2 Oct 2023 01:42:58 +0000 (10:42 +0900)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 2 Oct 2023 13:23:34 +0000 (14:23 +0100)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Mon, 2 Oct 2023 01:42:58 +0000 (10:42 +0900)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 2 Oct 2023 13:23:34 +0000 (14:23 +0100)
diff --git a/src/core/fuzz-manager-serialize.c b/src/core/fuzz-manager-serialize.c

index 2f0c0c302988b6a653d3fcc10fe283f24df2202e..cbc89f5737344899371f0f57164bd6547f2747d9 100644 (file)
--- a/src/core/fuzz-manager-serialize.c
+++ b/src/core/fuzz-manager-serialize.c
@@ -14,6 +14,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
          _cleanup_fclose_ FILE *f = NULL, *null = NULL;
          _cleanup_fdset_free_ FDSet *fdset = NULL;
  
+        if (outside_size_range(size, 0, 65536))
+                return 0;
+
          /* We don't want to fill the logs with messages about parse errors.
           * Disable most logging if not running standalone. */
          if (!getenv("SYSTEMD_LOG_LEVEL")) {
diff --git a/src/core/fuzz-manager-serialize.options b/src/core/fuzz-manager-serialize.options

new file mode 100644 (file)

index 0000000..678d526
--- /dev/null
+++ b/src/core/fuzz-manager-serialize.options
@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65536
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Mon, 2 Oct 2023 01:42:58 +0000 (10:42 +0900)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 2 Oct 2023 13:23:34 +0000 (14:23 +0100)
src/core/fuzz-manager-serialize.c		patch \| blob \| blame \| history
src/core/fuzz-manager-serialize.options	[new file with mode: 0644]	patch \| blob