authorMarcoFalke <falke.marco@gmail.com>2021-08-16 10:47:55 +0200
committerMarcoFalke <falke.marco@gmail.com>2021-08-16 10:47:58 +0200
commit42b00a37580a11fbb81a3748d9e834ae8913cdba (patch)
treebe786ccd75b060cf552872b69f25fd0e257227b6
parent3facf0a8ae99a03f5e2fb709b8d86c47328d363c (diff)
parentfa7718344d2879bb3f3c00a4185c5445390c017d (diff)
Merge bitcoin/bitcoin#22649: fuzz: Avoid OOM in system fuzz target
fa7718344d2879bb3f3c00a4185c5445390c017d fuzz: Avoid OOM in system fuzz target (MarcoFalke) Pull request description: If the input size is unlimited, the target may consume unlimited memory, because the argsmanager stores the argument names. Limiting the size should fix this issue. Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36906 ACKs for top commit: practicalswift: cr ACK fa7718344d2879bb3f3c00a4185c5445390c017d Tree-SHA512: 6edfcf324ee9d94e511038ee01340f02db50bcb233af3f1a1717c3602164c88528d9d987e971ec32f1a4593b868019bea0102c53c9b02bfefec3dfde959483cf
-rw-r--r--src/test/fuzz/fuzz.h3
-rw-r--r--src/test/fuzz/system.cpp3
2 files changed, 5 insertions, 1 deletions
diff --git a/src/test/fuzz/fuzz.h b/src/test/fuzz/fuzz.h
index 2bad77bdc1..ce8fd660aa 100644
--- a/src/test/fuzz/fuzz.h
+++ b/src/test/fuzz/fuzz.h
@@ -11,6 +11,9 @@
#include <functional>
#include <string_view>
+#define LIMITED_WHILE(condition, limit) \
+ for (unsigned _count{limit}; (condition) && _count; --_count)
+
using FuzzBufferType = Span<const uint8_t>;
using TypeTestOneInput = std::function<void(FuzzBufferType)>;
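Review bot: The new `LIMITED_WHILE` macro carries no comment, and a reader of fuzz.h cannot tell from the name alone that `limit` bounds iterations rather than bytes or that it exists to stop input-controlled loops from driving unbounded memory or time; I would add above the `#define`: `// Run the loop body at most `limit` times while `condition` holds. Use for fuzz loops whose trip count is input-controlled, so a large input cannot exhaust memory or time.` Note also that `(condition) && _count` evaluates `condition` before the counter, so when the limit is reached `condition` runs one extra time — with a `ConsumeBool()` condition that consumes one more input byte; if that is unintended, `_count && (condition)` avoids it, at the cost of changing how existing corpus inputs are consumed. Because `limit` brace-initialises an `unsigned`, a negative or out-of-range constant is a compile error rather than a silent wrap, which is worth stating in the comment.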
diff --git a/src/test/fuzz/system.cpp b/src/test/fuzz/system.cpp
index b25dcfcd3b..0f53939eac 100644
--- a/src/test/fuzz/system.cpp
+++ b/src/test/fuzz/system.cpp
@@ -31,7 +31,8 @@ FUZZ_TARGET(system)
SetupHelpOptions(args_manager);
}
- while (fuzzed_data_provider.ConsumeBool()) {
+ LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 3000)
+ {
CallOneOf(
fuzzed_data_provider,
[&] {
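Review bot: The opening brace of the new `LIMITED_WHILE` loop is placed on its own line, unlike the `while (...) {` form it replaces and the brace style of the surrounding code; keeping it on the same line, `LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 3000) {`, makes it read as the loop it is. The limit `3000` is also an unexplained constant; a one-line comment tying it to the reason for the change (per the description, each iteration may register an argument whose name the ArgsManager retains) would tell the next reader why the iteration count rather than the input size is what is bounded, e.g. `// Bound iterations: each one may add an argument that args_manager keeps alive.` The `FUZZ_TARGET(system)` body starts before this hunk and continues past it, so the remaining loop body and any further allocation it performs are not visible here.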