[sr-dev] git:5.6:c07b6c55: misc/fuzz: add checks on input size
Daniel-Constantin Mierla
miconda at gmail.com
Thu Oct 6 10:49:12 CEST 2022
Module: kamailio
Branch: 5.6
Commit: c07b6c55e4cdcc4cf46dafa4431e79a024ca10ec
URL: https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a024ca10ec
Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2022-10-06T10:33:23+02:00
misc/fuzz: add checks on input size
- test with larger messages than core accepts
(cherry picked from commit 1cd2fc1977bfa5e362cef0199e4643085c66d3d1)
---
Modified: misc/fuzz/fuzz_parse_msg.c
Modified: misc/fuzz/fuzz_uri.c
---
Diff: https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a024ca10ec.diff
Patch: https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a024ca10ec.patch
---
diff --git a/misc/fuzz/fuzz_parse_msg.c b/misc/fuzz/fuzz_parse_msg.c
index e20c2e64f3a..80fe75a226b 100644
--- a/misc/fuzz/fuzz_parse_msg.c
+++ b/misc/fuzz/fuzz_parse_msg.c
@@ -1,3 +1,4 @@
+#include "../config.h"
#include "../parser/sdp/sdp.h"
#include "../parser/parse_uri.c"
#include "../parser/parse_hname2.h"
@@ -23,6 +24,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
orig_inv.buf = (char*)data;
orig_inv.len = size;
+ if(size >= 4*BUF_SIZE) {
+ /* test with larger message than core accepts, but not indefinitely large */
+ return 0;
+ }
+
if (parse_msg(orig_inv.buf, orig_inv.len, &orig_inv) < 0) {
goto cleanup;
}
diff --git a/misc/fuzz/fuzz_uri.c b/misc/fuzz/fuzz_uri.c
index 9418d6eed4d..3cc6dec061f 100644
--- a/misc/fuzz/fuzz_uri.c
+++ b/misc/fuzz/fuzz_uri.c
@@ -1,8 +1,14 @@
+
+#include "../config.h"
#include "../parser/parse_uri.c"
int
LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
struct sip_uri uri;
+ if(size >= BUF_SIZE) {
+ /* test with larger message than core accepts, but not indefinitely large */
+ return 0;
+ }
parse_uri(data, size, &uri);
return 0;
}
More information about the sr-dev
mailing list