diff options
author | eugene <elzeigel@gmail.com> | 2022-02-27 17:03:35 -0500 |
---|---|---|
committer | eugene <elzeigel@gmail.com> | 2022-02-27 17:03:35 -0500 |
commit | fc471814dc34abb4d5479803ebb1033b572eda43 (patch) | |
tree | 6fd1a43760d6805de0b22bc53def74052ec9af5d /src/test/fuzz/util.cpp | |
parent | ee8c99712561bfbe823d9cd787a421b5424a75d9 (diff) |
fuzz: FuzzedFileProvider::write should not return negative value
Doing so can lead to a glibc crash. Also the manpage for fopencookie
warns against this: https://man7.org/linux/man-pages/man3/fopencookie.3.html
Diffstat (limited to 'src/test/fuzz/util.cpp')
-rw-r--r-- | src/test/fuzz/util.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp index 2514636d6e..f0c1b0d147 100644 --- a/src/test/fuzz/util.cpp +++ b/src/test/fuzz/util.cpp @@ -566,7 +566,7 @@ ssize_t FuzzedFileProvider::write(void* cookie, const char* buf, size_t size) SetFuzzedErrNo(fuzzed_file->m_fuzzed_data_provider); const ssize_t n = fuzzed_file->m_fuzzed_data_provider.ConsumeIntegralInRange<ssize_t>(0, size); if (AdditionOverflow(fuzzed_file->m_offset, (int64_t)n)) { - return fuzzed_file->m_fuzzed_data_provider.ConsumeBool() ? 0 : -1; + return 0; } fuzzed_file->m_offset += n; return n; |