The branch, master has been updated
       via  930695b04d2 fuzz_dcerpc_parse_binding: don't leak
      from  67c437bf11c s3:tests: Improve test_force_close_share test
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 930695b04d2c3984c4e335ff25471b2432885884 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sun Oct 18 11:59:40 2020 +1300 fuzz_dcerpc_parse_binding: don't leak Also, by not tallocing at all in the too-long case, we can short circuit quicker. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Oct 20 02:26:40 UTC 2020 on sn-devel-184 ----------------------------------------------------------------------- Summary of changes: lib/fuzzing/fuzz_dcerpc_parse_binding.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/fuzzing/fuzz_dcerpc_parse_binding.c b/lib/fuzzing/fuzz_dcerpc_parse_binding.c index 5f1c68707ed..61df0c0670e 100644 --- a/lib/fuzzing/fuzz_dcerpc_parse_binding.c +++ b/lib/fuzzing/fuzz_dcerpc_parse_binding.c @@ -26,7 +26,7 @@ char buf[MAX_LENGTH + 1]; int LLVMFuzzerTestOneInput(uint8_t *input, size_t len) { - TALLOC_CTX *mem_ctx = talloc_new(NULL); + TALLOC_CTX *mem_ctx = NULL; struct dcerpc_binding *binding = NULL; struct dcerpc_binding *dup = NULL; struct epm_tower tower; @@ -36,9 +36,11 @@ int LLVMFuzzerTestOneInput(uint8_t *input, size_t len) if (len > MAX_LENGTH) { return 0; } + memcpy(buf, input, len); buf[len] = '\0'; + mem_ctx = talloc_new(NULL); status = dcerpc_parse_binding(mem_ctx, buf, &binding); if (! NT_STATUS_IS_OK(status)) { -- Samba Shared Repository
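Review bot: in the second hunk (@@ -36,9 +36,11), the result of the relocated "mem_ctx = talloc_new(NULL);" is passed straight to dcerpc_parse_binding() without a NULL check. If that allocation fails, talloc treats a NULL context as "no parent", so whatever the parser allocates becomes a top-level allocation that is not tied to mem_ctx and is not released when mem_ctx is freed, which is the kind of leak this commit sets out to remove. Suggest adding "if (mem_ctx == NULL) { return 0; }" directly after the allocation. The early "return 0;" for len > MAX_LENGTH now precedes any allocation, which matches the commit message; the exit paths after "if (! NT_STATUS_IS_OK(status)) {" fall outside the visible context, so it is worth confirming that each of them frees mem_ctx.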