fuzz: restrict flags passed to AppLayerProtoDetectGetProto

author Philippe Antoine <contact@catenacyber.fr>

Mon, 22 Nov 2021 14:08:52 +0000 (15:08 +0100)

committer Victor Julien <vjulien@oisf.net>

Mon, 22 Nov 2021 16:06:58 +0000 (17:06 +0100)
author Philippe Antoine <contact@catenacyber.fr>
Mon, 22 Nov 2021 14:08:52 +0000 (15:08 +0100)
committer Victor Julien <vjulien@oisf.net>
Mon, 22 Nov 2021 16:06:58 +0000 (17:06 +0100)
diff --git a/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c b/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c

index 0a8095c8ae194c51d5faa24657693e50e87befc9..8633a536f909aae8ca526c0e54d0de670267d91f 100644 (file)
--- a/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c
+++ b/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c
@@ -54,7 +54,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
      f->protoctx = &ssn;
      f->protomap = FlowGetProtoMapping(f->proto);
  
-    alproto = AppLayerProtoDetectGetProto(alpd_tctx, f, data+HEADER_LEN, size-HEADER_LEN, f->proto, data[0], &reverse);
+    uint8_t flags = STREAM_TOCLIENT;
+    if (data[0] & STREAM_TOSERVER) {
+        flags = STREAM_TOSERVER;
+    }
+    alproto = AppLayerProtoDetectGetProto(
+            alpd_tctx, f, data + HEADER_LEN, size - HEADER_LEN, f->proto, flags, &reverse);
      if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED && f->proto == IPPROTO_TCP &&
              (data[0] & STREAM_MIDSTREAM) == 0) {
          /* If we find a valid protocol at the start of a stream :
author	Philippe Antoine <contact@catenacyber.fr>
	Mon, 22 Nov 2021 14:08:52 +0000 (15:08 +0100)
committer	Victor Julien <vjulien@oisf.net>
	Mon, 22 Nov 2021 16:06:58 +0000 (17:06 +0100)