fuzz: cleans all flow after one run
authorPhilippe Antoine <contact@catenacyber.fr>
Thu, 16 Dec 2021 09:23:40 +0000 (10:23 +0100)
committerVictor Julien <vjulien@oisf.net>
Tue, 18 Jan 2022 11:21:55 +0000 (12:21 +0100)
Makes the fuzz target more stateless

And manages to find bugs on the FlowFree path

src/tests/fuzz/fuzz_predefpcap_aware.c

index 74e387f00a7e2f98ce91561117ed1788d8472b99..4dfc27c4447b27d93da087be18163ec7ca4e8990 100644 (file)
@@ -22,6 +22,7 @@
 #include "util-unittest-helper.h"
 #include "conf-yaml-loader.h"
 #include "pkt-var.h"
+#include "flow-util.h"
 
 #include <fuzz_pcap.h>
 
@@ -142,6 +143,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
         p->pcap_cnt = pcap_cnt;
     }
     PacketFree(p);
+    for (uint32_t u = 0; u < flow_config.hash_size; u++) {
+        Flow *f = flow_hash[u].head;
+        while (f) {
+            Flow *n = f->next;
+            uint8_t proto_map = FlowGetProtoMapping(f->proto);
+            FlowClearMemory(f, proto_map);
+            FlowFree(f);
+            f = n;
+        }
+        flow_hash[u].head = NULL;
+    }
 
     return 0;
 }
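Review bot: The new drain loop at the end of LLVMFuzzerTestOneInput frees flows straight out of `flow_hash[u].head` with no bucket lock and no explanation, and the value returned by `FlowClearMemory` on the line before `FlowFree(f)` is discarded; a reader of the harness cannot tell whether that is safe or an oversight. A short comment above the `for` would settle it: `/* Drain every hash bucket so each fuzz input starts from an empty flow table. Flows are freed directly, without the bucket lock or flow manager, because this harness runs single-threaded after the packet is fully processed. */`. Only `head` is reset per bucket; if the FlowBucket in this tree also carries a tail pointer or an eviction list, those would be left pointing at freed memory, which cannot be verified from the hunk and is worth a check. The body of LLVMFuzzerTestOneInput starts before the hunk, so it is not visible whether the packet-processing step above could still leave a flow referenced elsewhere when the loop runs.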