From: Philippe Antoine
Date: Mon, 30 Jan 2023 09:49:29 +0000 (+0100)
Subject: fuzz: checks pcap timestamp consistency
X-Git-Tag: suricata-6.0.10~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fd358a56164928495cc647ae07c826e3125172e5;p=thirdparty%2Fsuricata.git
fuzz: checks pcap timestamp consistency
Inspired by commit e22b59b8c17c2fb8ae30b2612086a7975cd94a6c Master7 is now diverging with use of SCTime_t
---
diff --git a/src/tests/fuzz/fuzz_sigpcap.c b/src/tests/fuzz/fuzz_sigpcap.c
index 37fe0f60dc..c73ca8d50d 100644
--- a/src/tests/fuzz/fuzz_sigpcap.c
+++ b/src/tests/fuzz/fuzz_sigpcap.c
@@ -1,7 +1,7 @@
 /**
 * @file
 * @author Philippe Antoine
- * fuzz target for AppLayerProtoDetectGetProto
+ * fuzz target for signature file and pcap file
 */
 #include "suricata-common.h"
@@ -141,6 +141,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 //loop over packets
 r = pcap_next_ex(pkts, &header, &pkt);
 p = PacketGetFromAlloc();
+ if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600 || header->ts.tv_usec < 0) {
+ goto bail;
+ }
 p->ts.tv_sec = header->ts.tv_sec;
 p->ts.tv_usec = header->ts.tv_usec % 1000000;
 p->datalink = pcap_datalink(pkts);
@@ -165,12 +168,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 }
 r = pcap_next_ex(pkts, &header, &pkt);
 PACKET_RECYCLE(p);
+ if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600 || header->ts.tv_usec < 0) {
+ goto bail;
+ }
 p->ts.tv_sec = header->ts.tv_sec;
 p->ts.tv_usec = header->ts.tv_usec % 1000000;
 p->datalink = pcap_datalink(pkts);
 pcap_cnt++;
 p->pcap_cnt = pcap_cnt;
 }
+bail:
 //close structure
 pcap_close(pkts);
 PacketFree(p);
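Review bot: The guard added after `p = PacketGetFromAlloc();` (and its copy in the loop hunk) bounds `tv_sec` only from above and `tv_usec` only from below, so a pcap record with a negative `tv_sec` is still copied into `p->ts.tv_sec`, and a `tv_usec` of 1000000 or more is silently folded by the existing `% 1000000`. If negative seconds are outside what the engine's own pcap reader accepts, `header->ts.tv_sec < 0 ||` belongs in both conditions; if production does accept them, the harness should keep passing them so it does not hide reachable bugs. That cannot be decided from the visible lines. Either way the condition deserves a comment, e.g. `/* skip records whose timestamp the time code cannot represent; 3600 is headroom below INT_MAX (TODO: say what adds up to an hour) */`. `LLVMFuzzerTestOneInput` begins and ends outside this hunk.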
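Review bot: The three-clause condition added after `PACKET_RECYCLE(p);` is a verbatim copy of the one added before the loop, so any later change to the accepted timestamp range has to be made in two places. A small `static` helper taking `r` and `header` would keep them in sync; it must keep `r <= 0` as the first test, because `header` is only meaningful when `pcap_next_ex()` reports a packet. The new `bail:` label also merits a comment such as `/* reached on end of capture, read error or rejected timestamp */`, since an `r <= 0` result now leaves through it as well. Note that `bail:` hands `p` to `PacketFree()` and the visible lines never check the result of `PacketGetFromAlloc()`, so whether a NULL `p` is safe there should be confirmed. The loop header and the rest of the cleanup are outside the hunk.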