fuzz: do not use timestamps at the end of times

so as not to have integer overflows

diff --git a/src/tests/fuzz/fuzz_predefpcap_aware.c b/src/tests/fuzz/fuzz_predefpcap_aware.c
index 49b2a5d9ce15687bbfa240dde9d602b5d2ac4094..0095e249e9e78ac32add0892b7813b6a346b7ee0 100644 (file)
--- a/src/tests/fuzz/fuzz_predefpcap_aware.c
+++ b/src/tests/fuzz/fuzz_predefpcap_aware.c
@@ -117,6 +117,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     // loop over packets
     r = FPC_next(&pkts, &header, &pkt);
     p = PacketGetFromAlloc();
+    if (header.ts.tv_sec >= INT_MAX - 3600) {
+        goto bail;
+    }
     p->ts.tv_sec = header.ts.tv_sec;
     p->ts.tv_usec = header.ts.tv_usec % 1000000;
     p->datalink = pkts.datalink;
@@ -140,6 +143,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
             }
         }
         r = FPC_next(&pkts, &header, &pkt);
+        if (header.ts.tv_sec >= INT_MAX - 3600) {
+            goto bail;
+        }
         PacketRecycle(p);
         p->ts.tv_sec = header.ts.tv_sec;
         p->ts.tv_usec = header.ts.tv_usec % 1000000;
@@ -147,6 +153,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
         pcap_cnt++;
         p->pcap_cnt = pcap_cnt;
     }
+bail:
     PacketFree(p);
     FlowReset();
 

diff --git a/src/tests/fuzz/fuzz_sigpcap.c b/src/tests/fuzz/fuzz_sigpcap.c
index f169ad1366b9a26b29e3c1dc5fb8338c2412c9c3..1560691fbecaa693002f6669c8f10a882a475f0d 100644 (file)
--- a/src/tests/fuzz/fuzz_sigpcap.c
+++ b/src/tests/fuzz/fuzz_sigpcap.c
@@ -160,6 +160,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     //loop over packets
     r = pcap_next_ex(pkts, &header, &pkt);
     p = PacketGetFromAlloc();
+    if (header->ts.tv_sec >= INT_MAX - 3600) {
+        goto bail;
+    }
     p->ts.tv_sec = header->ts.tv_sec;
     p->ts.tv_usec = header->ts.tv_usec % 1000000;
     p->datalink = pcap_datalink(pkts);
@@ -184,6 +187,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
             }
         }
         r = pcap_next_ex(pkts, &header, &pkt);
+        if (header->ts.tv_sec >= INT_MAX - 3600) {
+            goto bail;
+        }
         PacketRecycle(p);
         p->ts.tv_sec = header->ts.tv_sec;
         p->ts.tv_usec = header->ts.tv_usec % 1000000;
@@ -192,6 +198,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
         pcap_cnt++;
         p->pcap_cnt = pcap_cnt;
     }
+bail:
     //close structure
     pcap_close(pkts);
     PacketFree(p);

diff --git a/src/tests/fuzz/fuzz_sigpcap_aware.c b/src/tests/fuzz/fuzz_sigpcap_aware.c
index 4518725b8779a8194768ac061387252582ae989e..c03ecd840aefcfe0ef474c4498b64846850b79bc 100644 (file)
--- a/src/tests/fuzz/fuzz_sigpcap_aware.c
+++ b/src/tests/fuzz/fuzz_sigpcap_aware.c
@@ -157,6 +157,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     // loop over packets
     r = FPC_next(&pkts, &header, &pkt);
     p = PacketGetFromAlloc();
+    if (header.ts.tv_sec >= INT_MAX - 3600) {
+        goto bail;
+    }
     p->pkt_src = PKT_SRC_WIRE;
     p->ts.tv_sec = header.ts.tv_sec;
     p->ts.tv_usec = header.ts.tv_usec % 1000000;
@@ -181,6 +184,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
             }
         }
         r = FPC_next(&pkts, &header, &pkt);
+        if (header.ts.tv_sec >= INT_MAX - 3600) {
+            goto bail;
+        }
         PacketRecycle(p);
         p->pkt_src = PKT_SRC_WIRE;
         p->ts.tv_sec = header.ts.tv_sec;
@@ -189,6 +195,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
         pcap_cnt++;
         p->pcap_cnt = pcap_cnt;
     }
+bail:
     PacketFree(p);
     FlowReset();