From: Philippe Antoine Date: Thu, 19 Nov 2020 13:10:08 +0000 (+0100) Subject: fuzz: check PacketCopyData return value before processing packet X-Git-Tag: suricata-6.0.1~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33905b0910e93eeaceeacd21ee1671694a79cd74;p=thirdparty%2Fsuricata.git fuzz: check PacketCopyData return value before processing packet --- diff --git a/src/tests/fuzz/fuzz_sigpcap.c b/src/tests/fuzz/fuzz_sigpcap.c index f3e8ae1f21..d2c2f30f3d 100644 --- a/src/tests/fuzz/fuzz_sigpcap.c +++ b/src/tests/fuzz/fuzz_sigpcap.c @@ -143,22 +143,23 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) p->ts.tv_usec = header->ts.tv_usec; p->datalink = pcap_datalink(pkts); while (r > 0) { - PacketCopyData(p, pkt, header->caplen); - //DecodePcapFile - TmEcode ecode = tmm_modules[TMM_DECODEPCAPFILE].Func(&tv, p, dtv); - if (ecode == TM_ECODE_FAILED) { - break; - } - Packet *extra_p = PacketDequeueNoLock(&tv.decode_pq); - while (extra_p != NULL) { - PacketFree(extra_p); - extra_p = PacketDequeueNoLock(&tv.decode_pq); - } - tmm_modules[TMM_FLOWWORKER].Func(&tv, p, fwd); - extra_p = PacketDequeueNoLock(&tv.decode_pq); - while (extra_p != NULL) { - PacketFree(extra_p); + if (PacketCopyData(p, pkt, header->caplen) == 0) { + // DecodePcapFile + TmEcode ecode = tmm_modules[TMM_DECODEPCAPFILE].Func(&tv, p, dtv); + if (ecode == TM_ECODE_FAILED) { + break; + } + Packet *extra_p = PacketDequeueNoLock(&tv.decode_pq); + while (extra_p != NULL) { + PacketFree(extra_p); + extra_p = PacketDequeueNoLock(&tv.decode_pq); + } + tmm_modules[TMM_FLOWWORKER].Func(&tv, p, fwd); extra_p = PacketDequeueNoLock(&tv.decode_pq); + while (extra_p != NULL) { + PacketFree(extra_p); + extra_p = PacketDequeueNoLock(&tv.decode_pq); + } } r = pcap_next_ex(pkts, &header, &pkt); PACKET_RECYCLE(p);