diff options
| author | Lennart Poettering <lennart@poettering.net> | 2019-02-26 19:02:12 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-02-26 19:02:12 +0100 |
| commit | f3892edd5e9f5b082bc44bc5c3f580a881af6a79 (patch) | |
| tree | 6f1ef8bbf770c98d8ab089a51a509977e20481b3 /src/fuzz | |
| parent | 9a43fc6a2ad9e88719c4496fbeebf18cfb65cbb2 (diff) | |
| parent | 9b7f73b03f99d9375506c7d54e8a993d027e4506 (diff) | |
| download | systemd-f3892edd5e9f5b082bc44bc5c3f580a881af6a79.tar.gz | |
Merge pull request #11824 from keszybz/fuzzer-fixes
Fuzzer fixes
Diffstat (limited to 'src/fuzz')
| -rw-r--r-- | src/fuzz/fuzz-journald-stream.c | 2 | ||||
| -rw-r--r-- | src/fuzz/fuzz-journald-stream.options | 2 | ||||
| -rw-r--r-- | src/fuzz/fuzz-lldp.c | 3 | ||||
| -rw-r--r-- | src/fuzz/fuzz-lldp.options | 2 | ||||
| -rw-r--r-- | src/fuzz/fuzz-ndisc-rs.c | 3 | ||||
| -rw-r--r-- | src/fuzz/fuzz-ndisc-rs.options | 2 |
6 files changed, 13 insertions, 1 deletions
diff --git a/src/fuzz/fuzz-journald-stream.c b/src/fuzz/fuzz-journald-stream.c index 5d6c8eb8ca..bc53964139 100644 --- a/src/fuzz/fuzz-journald-stream.c +++ b/src/fuzz/fuzz-journald-stream.c @@ -15,7 +15,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { StdoutStream *stream; int v; - if (size == 0) + if (size == 0 || size > 65536) return 0; if (!getenv("SYSTEMD_LOG_LEVEL")) diff --git a/src/fuzz/fuzz-journald-stream.options b/src/fuzz/fuzz-journald-stream.options new file mode 100644 index 0000000000..678d526b1e --- /dev/null +++ b/src/fuzz/fuzz-journald-stream.options @@ -0,0 +1,2 @@ +[libfuzzer] +max_len = 65536 diff --git a/src/fuzz/fuzz-lldp.c b/src/fuzz/fuzz-lldp.c index b9291d4783..7f252309cd 100644 --- a/src/fuzz/fuzz-lldp.c +++ b/src/fuzz/fuzz-lldp.c @@ -23,6 +23,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { _cleanup_(sd_event_unrefp) sd_event *e = NULL; _cleanup_(sd_lldp_unrefp) sd_lldp *lldp = NULL; + if (size > 2048) + return 0; + assert_se(sd_event_new(&e) == 0); assert_se(sd_lldp_new(&lldp) >= 0); assert_se(sd_lldp_set_ifindex(lldp, 42) >= 0); diff --git a/src/fuzz/fuzz-lldp.options b/src/fuzz/fuzz-lldp.options new file mode 100644 index 0000000000..60bd9b0b2f --- /dev/null +++ b/src/fuzz/fuzz-lldp.options @@ -0,0 +1,2 @@ +[libfuzzer] +max_len = 2048 diff --git a/src/fuzz/fuzz-ndisc-rs.c b/src/fuzz/fuzz-ndisc-rs.c index 3a1e60fc5d..d8d256d127 100644 --- a/src/fuzz/fuzz-ndisc-rs.c +++ b/src/fuzz/fuzz-ndisc-rs.c @@ -43,6 +43,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { _cleanup_(sd_event_unrefp) sd_event *e = NULL; _cleanup_(sd_ndisc_unrefp) sd_ndisc *nd = NULL; + if (size > 2048) + return 0; + assert_se(sd_event_new(&e) >= 0); assert_se(sd_ndisc_new(&nd) >= 0); assert_se(sd_ndisc_attach_event(nd, e, 0) >= 0); diff --git a/src/fuzz/fuzz-ndisc-rs.options b/src/fuzz/fuzz-ndisc-rs.options new file mode 100644 index 0000000000..60bd9b0b2f --- /dev/null +++ b/src/fuzz/fuzz-ndisc-rs.options @@ -0,0 +1,2 @@ +[libfuzzer] +max_len = 2048 |