author | 2017-01-21 04:33:38 +0100 | |
---|---|---|
committer | 2017-01-20 19:33:38 -0800 | |
commit | 555a80407b0237b4e1cd1cd29f1346acd54f38ed (patch) | |
tree | a389aaa5cdb55e50749c8f14d3e9517c0615f50a /projects/libarchive/libarchive_fuzzer.cc | |
parent | f1d0beed71e4feacf6d6fc8ddfa90f057fe3053b (diff) |
[libarchive] correctly exit on read error in libarchive_fuzzer.cc (#305) (#305)
Thanks!
As we are discussing in https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=234#c6
we encourage you to move this file into your repo.
https://github.com/google/oss-fuzz/blob/master/docs/ideal_integration.md
Diffstat (limited to 'projects/libarchive/libarchive_fuzzer.cc')
-rw-r--r-- | projects/libarchive/libarchive_fuzzer.cc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/projects/libarchive/libarchive_fuzzer.cc b/projects/libarchive/libarchive_fuzzer.cc
index fb6fb5a5..9d0d0a32 100644
--- a/projects/libarchive/libarchive_fuzzer.cc
+++ b/projects/libarchive/libarchive_fuzzer.cc
@@ -34,6 +34,7 @@ ssize_t reader_callback(struct archive *a, void *client_data,
  }
  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+ ssize_t r;
  struct archive *a = archive_read_new();
  archive_read_support_filter_all(a);
@@ -45,8 +46,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  std::vector<uint8_t> data_buffer(getpagesize(), 0);
  struct archive_entry *entry;
  while (archive_read_next_header(a, &entry) == ARCHIVE_OK) {
- while (archive_read_data(a, data_buffer.data(), data_buffer.size()) > 0)
+ while ((r = archive_read_data(a, data_buffer.data(),
+ data_buffer.size()) > 0)
  ;
+ if (r == ARCHIVE_FATAL)
+ break;
  }
  archive_read_free(a); |
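Review bot: The new inner loop condition in the second hunk has unbalanced parentheses as shown (five opening, four closing), so the harness would not compile. Closing the missing parenthesis at the end would still bind `> 0` inside the assignment, so `r` would hold the comparison result (0 or 1) and the added `if (r == ARCHIVE_FATAL)` check could never fire. The assignment should be closed before the comparison: `while ((r = archive_read_data(a, data_buffer.data(), data_buffer.size())) > 0)`. A one-line comment such as `// stop on a fatal read error; other negative statuses move on to the next entry` would also record why only ARCHIVE_FATAL breaks the outer loop. LLVMFuzzerTestOneInput continues outside both hunks, so the reader setup between them is not visible here.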