Felix-Gong opened a new pull request, #3314: URL: https://github.com/apache/brpc/pull/3314
## What problem does this PR solve?

Issue Number: Fix #3114

`get_fuzz_socket()` in `test/fuzzing/fuzz_common.h` sets `initialized = true` unconditionally after the first attempt, even when `Socket::Create()` or `Socket::Address()` fails. This causes all subsequent calls to return `NULL`, and the fuzz harnesses pass this `NULL` pointer directly to protocol parse functions (e.g., `ParseHuluMessage`), which dereference it via `socket->remote_side()`, triggering a SEGV.

## What is changed and how it works?

1. **`fuzz_common.h`**: Move `initialized = true` inside the success branch so that `get_fuzz_socket()` retries socket creation on failure instead of permanently returning `NULL`.
2. **All 9 fuzz test files**: Add a `NULL` check for the socket pointer before calling the parse function. If socket creation fails after retry, the test gracefully returns 0 instead of crashing.

## Check List

- [x] Tests (fuzz test syntax verification passes for all 9 modified files)
- [x] No API changes
- [x] No breaking changes

## Side effects

None. Changes are limited to fuzz test harness code.
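The cached-failure pattern this pull request describes, reduced to a stand-alone C++ example that is added here and is not code from the PR or from brpc. `FakeSocket`, `create_socket()`, `g_failures_left` and `run_one_input()` are hypothetical stand-ins for the real socket type, `Socket::Create()`/`Socket::Address()` and the parse call.

```cpp
// Added illustration: stand-in types, not brpc's Socket API.
#include <cstddef>

struct FakeSocket { int remote_port; };

// Constructed failure model: creation fails while g_failures_left > 0.
static int g_failures_left = 0;
static FakeSocket g_storage = {8080};

static FakeSocket* create_socket() {
    if (g_failures_left > 0) { --g_failures_left; return NULL; }
    return &g_storage;
}

// "Before" pattern: the flag is set even when creation failed, so one
// transient failure pins the cached pointer at NULL for the whole run.
FakeSocket* get_socket_before() {
    static bool initialized = false;
    static FakeSocket* cached = NULL;
    if (!initialized) {
        cached = create_socket();
        initialized = true;
    }
    return cached;
}

// "After" pattern: the flag is set only on success, so the next call retries.
FakeSocket* get_socket_after() {
    static bool initialized = false;
    static FakeSocket* cached = NULL;
    if (!initialized) {
        cached = create_socket();
        if (cached != NULL) initialized = true;
    }
    return cached;
}

// Harness-side guard: skip the input instead of handing NULL to the parser.
// Returns 0 when the input was skipped, 1 when the stand-in parser ran.
int run_one_input(FakeSocket* sock) {
    if (sock == NULL) return 0;
    return sock->remote_port > 0 ? 1 : 0;  // stand-in for the dereference
}

int main() {
    g_failures_left = 2;  // each getter sees exactly one failed attempt
    get_socket_before();
    get_socket_after();
    return (run_one_input(get_socket_before()) == 0 &&
            run_one_input(get_socket_after()) == 1) ? 0 : 1;
}
```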
