diff options
author | Alan Antonuk <alan.antonuk@gmail.com> | 2023-03-01 02:49:46 +0000 |
---|---|---|
committer | Alan Antonuk <alan.antonuk@gmail.com> | 2023-02-28 22:01:12 -0500 |
commit | cb04afb806447d509e7722776e8533c5069571a3 (patch) | |
tree | 5cf6867c8a2f73acd84c4ecdd49f9ed8ffcc28b7 | |
parent | c3550e7accda82a55f7c142284de65f117b30977 (diff) | |
download | rabbitmq-c-cb04afb806447d509e7722776e8533c5069571a3.tar.gz |
Correct fuzz_table.c to conform to fuzzing API
1. The amqp_pool_t must be emptied after use using empty_amqp_pool
(which should correct the obvious issue with a leak detected in:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56161).
2. The return value of amqp_decode_table will be non-zero when it cannot
decode the table, this is working as expected. So this value should
not be returned out of a single loop.
Signed-off-by: GitHub <noreply@github.com>
-rw-r--r-- | fuzz/fuzz_table.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/fuzz/fuzz_table.c b/fuzz/fuzz_table.c index fbac460..34a75ea 100644 --- a/fuzz/fuzz_table.c +++ b/fuzz/fuzz_table.c @@ -13,7 +13,7 @@ extern int LLVMFuzzerTestOneInput(const char *data, size_t size) { - int result; + int unused_result; amqp_pool_t pool; init_amqp_pool(&pool, 4096); @@ -24,8 +24,9 @@ extern int LLVMFuzzerTestOneInput(const char *data, size_t size) { decoding_bytes.len = size; decoding_bytes.bytes = (uint8_t *)data; - result = + unused_result = amqp_decode_table(decoding_bytes, &pool, &decoded, &decoding_offset); } - return result; + empty_amqp_pool(&pool); + return 0; } |