author | Vasil Dimov <vd@FreeBSD.org> | 2024-06-12 14:41:50 +0200 |
---|---|---|
committer | Vasil Dimov <vd@FreeBSD.org> | 2024-06-14 14:56:17 +0200 |
commit | 4d81b4de339efbbb68c9785203b699e6e12ecd83 (patch) | |
tree | 5b4a9e005cffcbbcd63731969cb5c63f9dc5a36e /src/init.cpp | |
parent | b51d75ea97ee0d01ee586e40a30cb68c0bf7ffd3 (diff) |
fuzz: FuzzedSock::Recv() don't lose bytes from MSG_PEEK read

Problem:

If `FuzzedSock::Recv(N, MSG_PEEK)` is called then `N` bytes would be
retrieved from the fuzz provider, saved in `m_peek_data` and returned
to the caller (ok).

If after this `FuzzedSock::Recv(M, 0)` is called where `M < N`
then the first `M` bytes from `m_peek_data` would be returned
to the caller (ok), but the remaining `N - M` bytes in `m_peek_data`
would be discarded/lost (not ok). They must be returned by a subsequent
`Recv()`.

To resolve this, only remove the head `N` bytes from `m_peek_data`.
Diffstat (limited to 'src/init.cpp')
0 files changed, 0 insertions, 0 deletions
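
The peek-then-short-read sequence from the commit message, as an added example that is not part of the commit or the project's own code. `ModelSock`, `kPeek` (standing in for `MSG_PEEK`), `keep_tail` and `ReadAfterPeek` are hypothetical names, and the byte stream is constructed.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>
#include <utility>

constexpr int kPeek = 1; // assumption: stands in for MSG_PEEK

// Simplified model of a mock socket with a peek buffer (hypothetical class).
class ModelSock {
    std::string m_source;    // constructed stream replacing the fuzz provider
    std::string m_peek_data; // bytes already returned by a peeking read
    bool m_keep_tail;        // false: model the loss the commit message describes
public:
    ModelSock(std::string source, bool keep_tail)
        : m_source(std::move(source)), m_keep_tail(keep_tail) {}

    size_t Recv(char* buf, size_t len, int flags) {
        if (!m_peek_data.empty()) {
            const size_t n = std::min(len, m_peek_data.size());
            std::memcpy(buf, m_peek_data.data(), n);
            if ((flags & kPeek) == 0) {
                if (m_keep_tail) m_peek_data.erase(0, n); // drop only consumed bytes
                else m_peek_data.clear();                 // unread tail is lost
            }
            return n;
        }
        const size_t n = std::min(len, m_source.size());
        std::memcpy(buf, m_source.data(), n);
        if ((flags & kPeek) != 0) m_peek_data = m_source.substr(0, n);
        m_source.erase(0, n);
        return n;
    }
};

// Peek 6 bytes (N), then read 2 (M) and 4; returns what the two real reads saw.
std::string ReadAfterPeek(bool keep_tail) {
    ModelSock sock("ABCDEFGH", keep_tail);
    char buf[8];
    sock.Recv(buf, 6, kPeek);
    std::string seen(buf, sock.Recv(buf, 2, 0));
    seen.append(buf, sock.Recv(buf, 4, 0));
    return seen;
}

int main() {
    std::cout << ReadAfterPeek(false) << ' ' << ReadAfterPeek(true) << '\n';
}
```

With the tail discarded, the reader sees a stream with a hole in it, so a parser under test is fed input that no real socket would produce.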