  1. Qpid Proton
  2. PROTON-2136

fuzz-connection-driver.c exits with 1 when the engine stops accepting additional input


Details

    • Type: Test
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: proton-c-0.29.0
    • Fix Version/s: proton-c-0.30.0
    • Component/s: proton-c
    • Labels: None

    Description

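      size_t fcd_read(pn_connection_driver_t *driver, uint8_t **data, size_t *size) {
        /* Ask the engine where the next chunk of fuzz input should be written. */
        pn_rwbytes_t buf = pn_connection_driver_read_buffer(driver);
        size_t s = (*size < buf.size) ? *size : buf.size;
        if (buf.start == NULL) {
          exit(1);  /* reported behaviour: a NULL read buffer ends the fuzz target with status 1 */
        }
        /* ... the excerpt in the issue ends here ... */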
      

      The engine offers a null buffer for further input. AFAIK that is legit, because it is just that the "socket" was closed for further input, after reading the invalid header.

      The fuzz target should just return peacefully at this point and not crash.
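An added illustration of the behaviour the description asks for; it is not Proton's code and not the change committed for this issue. `rwbytes_t`, `mock_driver_t`, `mock_read_buffer`, `mock_read_done`, `fcd_read_tolerant` and `fuzz_one_input` are hypothetical stand-ins so the example compiles without Proton, and the rule that a first byte other than 'A' counts as an invalid header is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for Proton's pn_rwbytes_t and connection driver. */
typedef struct { size_t size; char *start; } rwbytes_t;
typedef struct { char buf[8]; int read_closed; size_t consumed; } mock_driver_t;

/* Once input is closed, the mock engine offers an empty, NULL buffer. */
static rwbytes_t mock_read_buffer(mock_driver_t *d) {
  rwbytes_t b = { sizeof d->buf, d->buf };
  if (d->read_closed) { b.size = 0; b.start = NULL; }
  return b;
}

/* Constructed rule: a first byte other than 'A' is an invalid header. */
static void mock_read_done(mock_driver_t *d, size_t n) {
  d->consumed += n;
  if (n > 0 && d->buf[0] != 'A') d->read_closed = 1;
}

/* Copy one buffer of fuzz input; a NULL buffer means "no more input", not an error. */
static size_t fcd_read_tolerant(mock_driver_t *d, const uint8_t **data, size_t *size) {
  rwbytes_t buf = mock_read_buffer(d);
  if (buf.start == NULL || buf.size == 0) return 0;
  size_t s = (*size < buf.size) ? *size : buf.size;
  memcpy(buf.start, *data, s);
  mock_read_done(d, s);
  *data += s;
  *size -= s;
  return s;
}

/* Fuzz-entry shape: stop feeding when the engine stops accepting, then return 0. */
int fuzz_one_input(const uint8_t *data, size_t size, size_t *accepted) {
  mock_driver_t d = { {0}, 0, 0 };
  while (size > 0 && fcd_read_tolerant(&d, &data, &size) > 0) { }
  *accepted = d.consumed;
  return 0;
}

int main(void) {
  size_t accepted = 0;
  /* Constructed input: invalid first byte, so input closes after one buffer. */
  int rc = fuzz_one_input((const uint8_t *)"XBBBBBBBBBBBBBBBBBBB", 20, &accepted);
  printf("rc=%d accepted=%zu\n", rc, accepted);
  return rc;
}
```
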

            People

              Assignee: jdanek Jiri Daněk
              Reporter: jdanek Jiri Daněk