Commit Graph

2 Commits

Author SHA1 Message Date
Philip Withnall
276889ac85
fuzzing: Add input length limits on g_string_replace() test

Limit the input size. With a short @find, and a long `init` and `replace`
it’s quite possible to hit OOM. We’re not interested in testing that — it’s
up to the caller of `g_string_replace()` to handle that. 1KB on each of the
inputs should be plenty to find any string parsing or pointer arithmetic
bugs in `g_string_replace()`.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>

oss-fuzz#371233785
2024-10-05 23:01:58 +01:00

Philip Withnall
4136db0a8c
fuzzing: Add simple fuzz test for g_string_replace()

Now that the implementation of it is significantly more complex,
involving pointer arithmetic, it should probably be fuzzed. It’s not an
API which is obviously used to handle untrusted input, but some users of
GLib might do so.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-09-28 22:37:53 +01:00