diff options
author | Matt Caswell <matt@openssl.org> | 2024-02-20 15:11:26 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2024-02-21 16:45:33 +0000 |
commit | 4a6f70c03182b421d326831532edca32bcdb3fb1 (patch) | |
tree | 4b9e63224a53d81c582092fb6dac97c2541ff8b8 | |
parent | ffc853bcb5f431d57b8a24dd062ff76d52891e63 (diff) | |
download | openssl-master.tar.gz |
Prevent spurious fuzzer timeouts by not printing ASN1 which is excessively
long.
This fixes a false positive encountered by OSS-Fuzz.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23640)
-rw-r--r-- | fuzz/asn1.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/fuzz/asn1.c b/fuzz/asn1.c index ee602a08a3..d55554b7fd 100644 --- a/fuzz/asn1.c +++ b/fuzz/asn1.c @@ -312,10 +312,16 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, i); if (o != NULL) { - BIO *bio = BIO_new(BIO_s_null()); - if (bio != NULL) { - ASN1_item_print(bio, o, 4, i, pctx); - BIO_free(bio); + /* + * Don't print excessively long output to prevent spurious fuzzer + * timeouts. + */ + if (b - buf < 10000) { + BIO *bio = BIO_new(BIO_s_null()); + if (bio != NULL) { + ASN1_item_print(bio, o, 4, i, pctx); + BIO_free(bio); + } } if (ASN1_item_i2d(o, &der, i) > 0) { OPENSSL_free(der); |