git:5.6:c07b6c55: misc/fuzz: add checks on input size - sr-dev

6 Oct 2022

Module: kamailio
Branch: 5.6
Commit: c07b6c55e4cdcc4cf46dafa4431e79a024ca10ec
URL: https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a0...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2022-10-06T10:33:23+02:00
misc/fuzz: add checks on input size
- test with larger messages than core accepts
(cherry picked from commit 1cd2fc1977bfa5e362cef0199e4643085c66d3d1)
---
Modified: misc/fuzz/fuzz_parse_msg.c
Modified: misc/fuzz/fuzz_uri.c
---
Diff:  https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a0...
Patch: https://github.com/kamailio/kamailio/commit/c07b6c55e4cdcc4cf46dafa4431e79a0...
---

diff --git a/misc/fuzz/fuzz_parse_msg.c b/misc/fuzz/fuzz_parse_msg.c
index e20c2e64f3a..80fe75a226b 100644
--- a/misc/fuzz/fuzz_parse_msg.c
+++ b/misc/fuzz/fuzz_parse_msg.c
@@ -1,3 +1,4 @@
+#include "../config.h"
 #include "../parser/sdp/sdp.h"
 #include "../parser/parse_uri.c"
 #include "../parser/parse_hname2.h"
@@ -23,6 +24,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     orig_inv.buf = (char*)data;
     orig_inv.len = size;
+    if(size >= 4*BUF_SIZE) {
+        /* test with larger message than core accepts, but not indefinitely large */
+        return 0;
+    }
+
     if (parse_msg(orig_inv.buf, orig_inv.len, &orig_inv) < 0) {
         goto cleanup;
     }
diff --git a/misc/fuzz/fuzz_uri.c b/misc/fuzz/fuzz_uri.c
index 9418d6eed4d..3cc6dec061f 100644
--- a/misc/fuzz/fuzz_uri.c
+++ b/misc/fuzz/fuzz_uri.c
@@ -1,8 +1,14 @@
+
+#include "../config.h"
 #include "../parser/parse_uri.c"
int
 LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     struct sip_uri uri;
+    if(size >= BUF_SIZE) {
+        /* test with larger message than core accepts, but not indefinitely large */
+        return 0;
+    }
     parse_uri(data, size, &uri);
     return 0;
 }

    