github-mirrors/thirdparty-miniz
1
0
Fork 0
mirror of https://github.com/eledio-devices/thirdparty-miniz.git synced 2025-10-31 08:42:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use variable size input buffer in uncompress fuzzer.

Browse Source
This commit is contained in:
Nathan Moinvaziri
2020-10-17 16:10:59 -07:00
parent 5ebed82882
commit 1e7621d96c
1 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
tests/uncompress_fuzzer.c
View File

@@ -8,13 +8,23 @@
#include "miniz.h" #include "miniz.h"
static unsigned char buffer[256 * 1024] = { 0 };
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{ {
unsigned long int buffer_length = sizeof(buffer); unsigned long int buffer_length = 1;
unsigned char *buffer = NULL;
int z_status = 0;
if (Z_OK != uncompress(buffer, &buffer_length, data, size)) return 0; if (size > 0)
buffer_length *= data[0];
if (size > 1)
buffer_length *= data[1];
buffer = (unsigned char *)malloc(buffer_length);
z_status = uncompress(buffer, &buffer_length, data, size);
free(buffer);
if (Z_OK != z_status)
return 0;
return 0; return 0;
} }