From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 9 Dec 2021 19:43:56 +0000 (+0100)
Subject: detect: do not upgrade base64 decode when fuzzing
X-Git-Tag: suricata-7.0.0-beta1~1015
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=23fb139e009c532bed404146e0dde5a0f9a6f1f9;p=thirdparty%2Fsuricata.git

detect: do not upgrade base64 decode when fuzzing

As fuzzing will put a very big value, and then
ThreadCtxDoInit will try to allocate it,
ending in out of memory
---

diff --git a/src/detect-base64-decode.c b/src/detect-base64-decode.c
index 751a6972a3..44c7c44989 100644
--- a/src/detect-base64-decode.c
+++ b/src/detect-base64-decode.c
@@ -233,6 +233,9 @@ static int DetectBase64DecodeSetup(DetectEngineCtx *de_ctx, Signature *s,
         data->bytes = BASE64_DECODE_MAX;
     }
     if (data->bytes > de_ctx->base64_decode_max_len) {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+        data->bytes = BASE64_DECODE_MAX;
+#endif
         de_ctx->base64_decode_max_len = data->bytes;
     }