diff options
author | Nikita Popov <nikita.ppv@gmail.com> | 2020-09-11 18:34:15 +0200 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-09-11 18:35:16 +0200 |
commit | 99a68775bf937adc062a5a107cdf6340c3077b66 (patch) | |
tree | 92c4e03aee3802d539ba0b7ebb5e2fadc2681f32 | |
parent | cd05b56a6f7d4f03a80f86c15248eda995b1762e (diff) | |
download | php-git-99a68775bf937adc062a5a107cdf6340c3077b66.tar.gz |
Fix mbstring fuzzer
mb_ereg can throw now, so we need a dummy frame and need to
free the exception afterwards.
-rw-r--r-- | sapi/fuzzer/fuzzer-mbstring.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sapi/fuzzer/fuzzer-mbstring.c b/sapi/fuzzer/fuzzer-mbstring.c index 9c00761ad0..c8f084dbd4 100644 --- a/sapi/fuzzer/fuzzer-mbstring.c +++ b/sapi/fuzzer/fuzzer-mbstring.c @@ -39,6 +39,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } + fuzzer_setup_dummy_frame(); + args[0] = data; args[1] = "test123"; fuzzer_call_php_func("mb_ereg", 2, args); @@ -55,7 +57,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { args[1] = data; fuzzer_call_php_func("mb_eregi", 2, args); - php_request_shutdown(NULL); + fuzzer_request_shutdown(); free(data); #else |