authoreugene <elzeigel@gmail.com>2022-02-27 17:03:35 -0500
committereugene <elzeigel@gmail.com>2022-02-27 17:03:35 -0500
commitfc471814dc34abb4d5479803ebb1033b572eda43 (patch)
tree6fd1a43760d6805de0b22bc53def74052ec9af5d /src/test/fuzz/util.cpp
parentee8c99712561bfbe823d9cd787a421b5424a75d9 (diff)
fuzz: FuzzedFileProvider::write should not return negative value
Doing so can lead to a glibc crash. Also the manpage for fopencookie warns against this: https://man7.org/linux/man-pages/man3/fopencookie.3.html
Diffstat (limited to 'src/test/fuzz/util.cpp')
-rw-r--r--src/test/fuzz/util.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp
index 2514636d6e..f0c1b0d147 100644
--- a/src/test/fuzz/util.cpp
+++ b/src/test/fuzz/util.cpp
@@ -566,7 +566,7 @@ ssize_t FuzzedFileProvider::write(void* cookie, const char* buf, size_t size)
SetFuzzedErrNo(fuzzed_file->m_fuzzed_data_provider);
const ssize_t n = fuzzed_file->m_fuzzed_data_provider.ConsumeIntegralInRange<ssize_t>(0, size);
if (AdditionOverflow(fuzzed_file->m_offset, (int64_t)n)) {
- return fuzzed_file->m_fuzzed_data_provider.ConsumeBool() ? 0 : -1;
+ return 0;
}
fuzzed_file->m_offset += n;
return n;
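Review bot: The new `return 0;` in the overflow branch has no comment saying why it is not `-1`, and the removed line shows how easily the conventional POSIX error value ends up in this callback. I would add `// fopencookie write callbacks signal failure with 0; a negative return can crash glibc` directly above it, which restates the commit description and the cited man page. Separately, `ConsumeIntegralInRange<ssize_t>(0, size)` converts the `size_t` argument to `ssize_t` implicitly. That is presumably harmless for the buffer sizes stdio passes, but an explicit `assert(size <= static_cast<size_t>(std::numeric_limits<ssize_t>::max()));` before it would make the assumption visible. The body of FuzzedFileProvider::write begins above the hunk, so any earlier handling is not visible here.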