[Libreoffice-commits] online.git: fuzzer/ClientSession.cpp

[Miklos Vajna (via logerrit)]

 fuzzer/ClientSession.cpp |    3 +++
 1 file changed, 3 insertions(+)

New commits:
commit 1016de956a80ccb34bbc784801007197a79cef81
Author:     Miklos Vajna <vmik...@collabora.com>
AuthorDate: Thu Feb 27 13:58:06 2020 +0100
Commit:     Miklos Vajna <vmik...@collabora.com>
CommitDate: Thu Feb 27 15:11:31 2020 +0100

    fuzzer: fix OOM with an ever-growing SocketPoll::_newCallbacks
    
    Admin::instance().dumpState(std::cerr) at the end of a run shows:
     Poll [0] - wakeup r: 11 w: 12
            callbacks: 103
            fd      events  rsize   wsize
    
    This is more a problem in the fuzzer itself than in the code, the
    unprocessed callbacks reached the intentionally set 2GB limit in about
    20 mins, so process them at the end of each run.
    
    Change-Id: Ic12d3e8555417371f4ca44228fc1ff515d704592
    Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89632
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>

diff --git a/fuzzer/ClientSession.cpp b/fuzzer/ClientSession.cpp
index 53872d5ca..d68f27fb7 100644
--- a/fuzzer/ClientSession.cpp
+++ b/fuzzer/ClientSession.cpp
@@ -34,6 +34,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, 
size_t size)
         std::vector<char> lineVector(line.data(), line.data() + line.size());
         session->handleMessage(fin, code, lineVector);
     }
+
+    // Make sure SocketPoll::_newCallbacks does not grow forever, leading to 
OOM.
+    Admin::instance().poll(SocketPoll::DefaultPollTimeoutMs);
     return 0;
 }
 
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits