From: Marco Bettini
Date: Tue, 5 Jul 2022 09:50:19 +0000 (+0000)
Subject: lib-test: FUZZ_BEGIN_STR() - Replace NULs('\0') with backslashes '\\'
X-Git-Tag: 2.4.0~3801
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=239a4ef6889604986558df8e5e2ee4ce84b5491e;p=thirdparty%2Fdovecot%2Fcore.git

lib-test: FUZZ_BEGIN_STR() - Replace NULs('\0') with backslashes '\\'

This is done so that the strings generated from fuzzer data always contain a maximal length string. The presence of NULs creates aliases in the fuzz space and makes less likely to generate very long NUL terminated strings. The backslash is chosen instead of space as replacement because it is usually a more troublesome character to handle.
---

diff --git a/src/lib-test/fuzzer.c b/src/lib-test/fuzzer.c
index c15fee7c65..3ce5b527fa 100644
--- a/src/lib-test/fuzzer.c
+++ b/src/lib-test/fuzzer.c
@@ -85,3 +85,15 @@ int fuzzer_io_as_fd(struct fuzzer_context *fuzz_ctx,
 iostream_pump_start(fuzz_ctx->pump);
 return sfd[1];
 }
+
+
+const char *fuzzer_t_strndup_replace_zero(
+ const uint8_t *data, size_t size, char subst)
+{
+ char *out = t_malloc_no0(size + 1);
+ for (size_t index = 0; index < size; ++index) {
+ uint8_t ch = data[index];
+ out[index] = ch == 0 ? subst : (char)ch;
+ }
+ return out;
+}
\ No newline at end of file
diff --git a/src/lib-test/fuzzer.h b/src/lib-test/fuzzer.h
index e20ba1368b..8150b583e0 100644
--- a/src/lib-test/fuzzer.h
+++ b/src/lib-test/fuzzer.h
@@ -16,9 +16,12 @@ struct fuzzer_context {
 struct fuzzer_context fuzz_ctx; \
 fuzzer_init(&fuzz_ctx); T_BEGIN {
 
+const char *fuzzer_t_strndup_replace_zero(
+ const uint8_t *_param_data, size_t _param_size, char subst);
+
 #define FUZZ_BEGIN_STR(str_arg) \
 FUZZ_BEGIN_DATA(const uint8_t *_param_data, size_t _param_size) \
- str_arg = t_strndup(_param_data, _param_size);
+ str_arg = fuzzer_t_strndup_replace_zero(_param_data, _param_size, '\\');
 
 #define FUZZ_BEGIN_FD \
 FUZZ_BEGIN_DATA(const uint8_t *_param_data, size_t _param_size) \
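Review bot: `fuzzer_t_strndup_replace_zero` allocates `size + 1` bytes but the loop writes only indices 0..size-1 and nothing ever stores the terminator, so unless `t_malloc_no0` zero-fills (its name suggests it does not) the returned buffer is not NUL-terminated and every FUZZ_BEGIN_STR target will read past it — the opposite of the "maximal length NUL terminated string" the commit sets out to produce, and a bug that `t_strndup` did not have. Add `out[size] = '\0';` after the loop, before `return out;`. The function also deserves a header comment stating its contract, e.g. `/* Copy data[0..size) into a temporary (t_) buffer as a NUL-terminated string, replacing each NUL byte with subst so the result is always exactly size bytes long. */`. The `\ No newline at end of file` marker shows fuzzer.c now ends without a trailing newline, which is worth restoring while touching the file.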
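Review bot: The new prototype names its parameters `_param_data`/`_param_size`, the internal names of the FUZZ_BEGIN_DATA macro, while the definition in fuzzer.c uses `data`/`size`; using the definition's names in the header avoids suggesting the function is tied to the macro and keeps leading-underscore identifiers out of a public header. The substitution is also surprising to a reader who has not seen the commit message, so a one-line comment above the prototype would help: `/* t_strndup() variant that replaces every NUL byte with subst, so fuzzer input always yields a string of the full input length. */`. The FUZZ_BEGIN_FD macro at the bottom of the hunk continues outside it.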