authorPatrick Steinhardt <ps@pks.im>2018-07-26 15:41:41 +0200
committerPatrick Steinhardt <ps@pks.im>2018-08-03 09:50:35 +0200
commite38ddc90bf2b77fce422014f2785a9124d21263f (patch)
treeee1b82c238e53c83ab0e3a35e228f5f152cfe318 /fuzzers/packfile_fuzzer.c
parent5db64e2f1b05df6620c99073a7798f9f4feabd09 (diff)
fuzzers: limit maximum pack object count
By default, libgit2 allows up to 2^32 objects when downloading a packfile from a remote. For each of these objects, libgit2 will allocate up to two small structs, which in total adds up to quite a lot of memory. As a result, our fuzzers might run out of memory rather quickly when they receive as input a packfile with such a huge object count. Limit the packfile object count to 10M objects. This is sufficiently big to still work with most largish repos (linux.git has around 6M objects as of now), but small enough to not cause the fuzzer to OOM.
Diffstat (limited to 'fuzzers/packfile_fuzzer.c')
-rw-r--r--fuzzers/packfile_fuzzer.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/fuzzers/packfile_fuzzer.c b/fuzzers/packfile_fuzzer.c
index e7708b9be..a59d28330 100644
--- a/fuzzers/packfile_fuzzer.c
+++ b/fuzzers/packfile_fuzzer.c
@@ -33,6 +33,10 @@ int LLVMFuzzerInitialize(int *argc, char ***argv)
fprintf(stderr, "Failed to initialize libgit2\n");
abort();
}
+ if (git_libgit2_opts(GIT_OPT_SET_PACK_MAX_OBJECTS, 10000000) < 0) {
+ fprintf(stderr, "Failed to limit maximum pack object count\n");
+ abort();
+ }
if (git_odb_new(&odb) < 0) {
fprintf(stderr, "Failed to create the odb\n");
abort();
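Review bot: The added call passes the limit as a plain `int` literal through the variadic `git_libgit2_opts`. If the option handler reads a `size_t` from the argument list (as libgit2's option documentation describes for `GIT_OPT_SET_PACK_MAX_OBJECTS`; the handler is not visible here), the mismatch is undefined behaviour on platforms where `size_t` is wider than `int`. A cast makes the call well-defined: `git_libgit2_opts(GIT_OPT_SET_PACK_MAX_OBJECTS, (size_t)10000000)`. A short comment above the call, such as `/* cap the object count so an oversized pack header cannot OOM the fuzzer */`, would record why the value is there; note also that inputs declaring more than 10M objects are presumably rejected at the limit check, so the allocation paths beyond it are no longer exercised by this harness. The body of LLVMFuzzerInitialize starts and ends outside the hunk.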