From: Philippe Antoine Date: Thu, 1 Sep 2022 19:32:35 +0000 (+0200) Subject: fuzz: restrict flags passed to AppLayerProtoDetectGetProto X-Git-Tag: suricata-6.0.7~29 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=739eba94a51a48f9818488061cfb98a8012bb82b;p=thirdparty%2Fsuricata.git fuzz: restrict flags passed to AppLayerProtoDetectGetProto Manual adaptation of 05f9b3f and f4449d3 --- diff --git a/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c b/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c index ec6da106f4..8efe51eb6e 100644 --- a/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c +++ b/src/tests/fuzz/fuzz_applayerprotodetectgetproto.c @@ -59,7 +59,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) f->protoctx = &ssn; f->protomap = FlowGetProtoMapping(f->proto); - alproto = AppLayerProtoDetectGetProto(alpd_tctx, f, data+HEADER_LEN, size-HEADER_LEN, f->proto, data[0], &reverse); + uint8_t flags = STREAM_TOCLIENT; + if (data[0] & STREAM_TOSERVER) { + flags = STREAM_TOSERVER; + } + alproto = AppLayerProtoDetectGetProto( + alpd_tctx, f, data + HEADER_LEN, size - HEADER_LEN, f->proto, flags, &reverse); if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED && f->proto == IPPROTO_TCP) { /* If we find a valid protocol : * check that with smaller input @@ -70,7 +75,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) // reset detection at each try cf probing_parser_toserver_alproto_masks AppLayerProtoDetectReset(f); alproto2 = AppLayerProtoDetectGetProto( - alpd_tctx, f, data + HEADER_LEN, i, f->proto, data[0], &reverse); + alpd_tctx, f, data + HEADER_LEN, i, f->proto, flags, &reverse); if (alproto2 != ALPROTO_UNKNOWN && alproto2 != alproto) { printf("Failed with input length %" PRIuMAX " versus %" PRIuMAX ", found %s instead of %s\n",