fuzz: fix use of uninitialized value

author Philippe Antoine <pantoine@oisf.net>

Thu, 8 Dec 2022 09:06:40 +0000 (10:06 +0100)

committer Victor Julien <vjulien@oisf.net>

Tue, 17 Jan 2023 13:25:06 +0000 (14:25 +0100)
author Philippe Antoine <pantoine@oisf.net>
Thu, 8 Dec 2022 09:06:40 +0000 (10:06 +0100)
committer Victor Julien <vjulien@oisf.net>
Tue, 17 Jan 2023 13:25:06 +0000 (14:25 +0100)
diff --git a/src/tests/fuzz/fuzz_predefpcap_aware.c b/src/tests/fuzz/fuzz_predefpcap_aware.c

index 0095e249e9e78ac32add0892b7813b6a346b7ee0..bd70371d3db7b4e4c7018b85833507eaf8102831 100644 (file)
--- a/src/tests/fuzz/fuzz_predefpcap_aware.c
+++ b/src/tests/fuzz/fuzz_predefpcap_aware.c
@@ -117,7 +117,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
      // loop over packets
      r = FPC_next(&pkts, &header, &pkt);
      p = PacketGetFromAlloc();
-    if (header.ts.tv_sec >= INT_MAX - 3600) {
+    if (r <= 0 || header.ts.tv_sec >= INT_MAX - 3600) {
          goto bail;
      }
      p->ts.tv_sec = header.ts.tv_sec;
@@ -143,7 +143,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
              }
          }
          r = FPC_next(&pkts, &header, &pkt);
-        if (header.ts.tv_sec >= INT_MAX - 3600) {
+        if (r <= 0 || header.ts.tv_sec >= INT_MAX - 3600) {
              goto bail;
          }
          PacketRecycle(p);
diff --git a/src/tests/fuzz/fuzz_sigpcap.c b/src/tests/fuzz/fuzz_sigpcap.c

index 1560691fbecaa693002f6669c8f10a882a475f0d..2aa584ac09ec76d64df04867f25d6f38ef3ab93c 100644 (file)
--- a/src/tests/fuzz/fuzz_sigpcap.c
+++ b/src/tests/fuzz/fuzz_sigpcap.c
@@ -160,7 +160,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
      //loop over packets
      r = pcap_next_ex(pkts, &header, &pkt);
      p = PacketGetFromAlloc();
-    if (header->ts.tv_sec >= INT_MAX - 3600) {
+    if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600) {
          goto bail;
      }
      p->ts.tv_sec = header->ts.tv_sec;
@@ -187,7 +187,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
              }
          }
          r = pcap_next_ex(pkts, &header, &pkt);
-        if (header->ts.tv_sec >= INT_MAX - 3600) {
+        if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600) {
              goto bail;
          }
          PacketRecycle(p);
diff --git a/src/tests/fuzz/fuzz_sigpcap_aware.c b/src/tests/fuzz/fuzz_sigpcap_aware.c

index c03ecd840aefcfe0ef474c4498b64846850b79bc..2e5c5a7a2fc7df84b7e50703e961946a5222ef32 100644 (file)
--- a/src/tests/fuzz/fuzz_sigpcap_aware.c
+++ b/src/tests/fuzz/fuzz_sigpcap_aware.c
@@ -157,7 +157,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
      // loop over packets
      r = FPC_next(&pkts, &header, &pkt);
      p = PacketGetFromAlloc();
-    if (header.ts.tv_sec >= INT_MAX - 3600) {
+    if (r <= 0 || header.ts.tv_sec >= INT_MAX - 3600) {
          goto bail;
      }
      p->pkt_src = PKT_SRC_WIRE;
@@ -184,7 +184,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
              }
          }
          r = FPC_next(&pkts, &header, &pkt);
-        if (header.ts.tv_sec >= INT_MAX - 3600) {
+        if (r <= 0 || header.ts.tv_sec >= INT_MAX - 3600) {
              goto bail;
          }
          PacketRecycle(p);
author	Philippe Antoine <pantoine@oisf.net>
	Thu, 8 Dec 2022 09:06:40 +0000 (10:06 +0100)
committer	Victor Julien <vjulien@oisf.net>
	Tue, 17 Jan 2023 13:25:06 +0000 (14:25 +0100)
src/tests/fuzz/fuzz_predefpcap_aware.c		patch \| blob \| blame \| history
src/tests/fuzz/fuzz_sigpcap.c		patch \| blob \| blame \| history
src/tests/fuzz/fuzz_sigpcap_aware.c		patch \| blob \| blame \| history