Issue 53588 in oss-fuzz: elfutils:fuzz-libelf: Timeout in fuzz-libelf

[ClusterFuzz-External via monorail]

Updates:
Labels: ClusterFuzz-Verified
Status: Verified

Comment #1 on issue 53588 by ClusterFuzz-External: elfutils:fuzz-libelf: 
Timeout in fuzz-libelf
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53588#c1

ClusterFuzz testcase 5208347720941568 is verified as fixed in 
https://oss-fuzz.com/revisions?job=libfuzzer_asan_i386_elfutils=20240430:202404300624

If this is incorrect, please file a bug on 
https://github.com/google/oss-fuzz/issues/new

-- 
You received this message because:
  1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.

[PATCH] ar: Replace one alloca use by xmalloc

[Mark Wielaard]

This alloca use is inside a lexical block and is used to replace one
element of argv. Use a function local variable, xmalloc and free to
make memory usage pattern more clear.

* src/ar.c (main): Move newp char pointer declaration up.
Use xmalloc to allocate space. free at end of main.

Signed-off-by: Mark Wielaard 
---
 src/ar.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/ar.c b/src/ar.c
index e6d6d58f2b3b..fcb8bfb90a9f 100644
--- a/src/ar.c
+++ b/src/ar.c
@@ -41,6 +41,7 @@
 #include 
 #include 
 
+#include "libeu.h"
 #include "arlib.h"
 
 
@@ -154,10 +155,11 @@ main (int argc, char *argv[])
 
   /* For historical reasons the options in the first parameter need
  not be preceded by a dash.  Add it now if necessary.  */
+  char *newp = NULL;
   if (argc > 1 && argv[1][0] != '-')
 {
   size_t len = strlen (argv[1]) + 1;
-  char *newp = alloca (len + 1);
+  newp = (char *) xmalloc (len + 1);
   newp[0] = '-';
   memcpy ([1], argv[1], len);
   argv[1] = newp;
@@ -271,6 +273,8 @@ MEMBER parameter required for 'a', 'b', and 'i' 
modifiers"));
   break;
 }
 
+  free (newp);
+
   return status;
 }
 
-- 
2.44.0