Fuzzer: Gracefully handle hashes that cannot be serialized

author: Nikita Popov <nikita.ppv@gmail.com> 2021-01-11 15:44:42 +0100
committer: Nikita Popov <nikita.ppv@gmail.com> 2021-01-11 15:45:43 +0100
commit: 3b542021e471c2927e5225fa0680be4dbbc1da60 (patch)
tree: 1bcf9fa9402460ad15536316766cd819ff458145
parent: c7fe18aca6db7691fda74a730d2080894584f1d1 (diff)
download: php-git-3b542021e471c2927e5225fa0680be4dbbc1da60.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/sapi/fuzzer/generate_unserializehash_corpus.php b/sapi/fuzzer/generate_unserializehash_corpus.php
index 04c6ea1428..c7c5925428 100644
--- a/sapi/fuzzer/generate_unserializehash_corpus.php
+++ b/sapi/fuzzer/generate_unserializehash_corpus.php
@@ -6,5 +6,11 @@ $corpusDir = __DIR__ . '/corpus/unserializehash';
 foreach (hash_algos() as $algo) {
     $ctx = hash_init($algo);
     $algx = preg_replace('/[^-_a-zA-Z0-9]/', '_', $algo);
-    file_put_contents($corpusDir . '/' . $algx, "x|" . serialize($ctx));
+    try {
+        $serialized = serialize($ctx);
+    } catch (Exception $e) {
+        echo "Hash algorithm $algo could not be serialized.\n";
+        continue;
+    }
+    file_put_contents($corpusDir . '/' . $algx, "x|" . $serialized);
 }
author	Nikita Popov <nikita.ppv@gmail.com>	2021-01-11 15:44:42 +0100
committer	Nikita Popov <nikita.ppv@gmail.com>	2021-01-11 15:45:43 +0100
commit	3b542021e471c2927e5225fa0680be4dbbc1da60 (patch)
tree	1bcf9fa9402460ad15536316766cd819ff458145
parent	c7fe18aca6db7691fda74a730d2080894584f1d1 (diff)
download	php-git-3b542021e471c2927e5225fa0680be4dbbc1da60.tar.gz