mirror of https://github.com/openssl/openssl
Don't print excessively long ASN1 items in fuzzer
Prevent spurious fuzzer timeouts by not printing ASN1 which is excessively long. This fixes a false positive encountered by OSS-Fuzz. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/23640)
This commit is contained in:
parent
ffc853bcb5
commit
4a6f70c031
14
fuzz/asn1.c
14
fuzz/asn1.c
|
@ -312,10 +312,16 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
|
|||
ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, i);
|
||||
|
||||
if (o != NULL) {
|
||||
BIO *bio = BIO_new(BIO_s_null());
|
||||
if (bio != NULL) {
|
||||
ASN1_item_print(bio, o, 4, i, pctx);
|
||||
BIO_free(bio);
|
||||
/*
|
||||
* Don't print excessively long output to prevent spurious fuzzer
|
||||
* timeouts.
|
||||
*/
|
||||
if (b - buf < 10000) {
|
||||
BIO *bio = BIO_new(BIO_s_null());
|
||||
if (bio != NULL) {
|
||||
ASN1_item_print(bio, o, 4, i, pctx);
|
||||
BIO_free(bio);
|
||||
}
|
||||
}
|
||||
if (ASN1_item_i2d(o, &der, i) > 0) {
|
||||
OPENSSL_free(der);
|
||||
|
|
Loading…
Reference in New Issue