author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2020-01-17 09:59:26 +1300 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-01-17 12:59:35 +0000 |
commit | 6786ec2c9638f13efed8cba156e174644804a61e (patch) | |
tree | c0a929479d199b0ab74cd5e94287e669ce2fe6b8 /lib/fuzzing | |
parent | 75367e4b0675047c6b21447473c779547d6b51b6 (diff) | |
fuzzing: check for NULL on ldb_init()
We simply return 0 because failure here is not a problem with the code we
are actually trying to fuzz. Without this asan is unhappy.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'lib/fuzzing')
-rw-r--r-- | lib/fuzzing/fuzz_ldb_dn_explode.c | 3 | ||||
-rw-r--r-- | lib/fuzzing/fuzz_ldb_ldif_read.c | 5 | ||||
-rw-r--r-- | lib/fuzzing/fuzz_ldb_parse_control.c | 5 |
3 files changed, 11 insertions, 2 deletions
diff --git a/lib/fuzzing/fuzz_ldb_dn_explode.c b/lib/fuzzing/fuzz_ldb_dn_explode.c
index dade67567cb..29747178e3e 100644
--- a/lib/fuzzing/fuzz_ldb_dn_explode.c
+++ b/lib/fuzzing/fuzz_ldb_dn_explode.c
@@ -27,6 +27,9 @@ int LLVMFuzzerTestOneInput(uint8_t *input, size_t len)
 {
 struct ldb_dn *dn = NULL;
 struct ldb_context *ldb = ldb_init(NULL, NULL);
+ if (ldb == NULL) {
+ return 0;
+ }
 /*
 * We copy the buffer in order to NUL-terminate, because running off
 * the end of the string would be an uninteresting crash.
diff --git a/lib/fuzzing/fuzz_ldb_ldif_read.c b/lib/fuzzing/fuzz_ldb_ldif_read.c
index f2c46bc9beb..4eee1701836 100644
--- a/lib/fuzzing/fuzz_ldb_ldif_read.c
+++ b/lib/fuzzing/fuzz_ldb_ldif_read.c
@@ -26,8 +26,11 @@ char buf[MAX_LENGTH + 1] = {0};
 int LLVMFuzzerTestOneInput(uint8_t *input, size_t len)
 {
 struct ldb_ldif *ldif = NULL;
- struct ldb_context *ldb = ldb_init(NULL, NULL);
 const char *s = NULL;
+ struct ldb_context *ldb = ldb_init(NULL, NULL);
+ if (ldb == NULL) {
+ return 0;
+ }
 if (len > MAX_LENGTH) {
 len = MAX_LENGTH;
diff --git a/lib/fuzzing/fuzz_ldb_parse_control.c b/lib/fuzzing/fuzz_ldb_parse_control.c
index bd3fda87fdb..98af24a8000 100644
--- a/lib/fuzzing/fuzz_ldb_parse_control.c
+++ b/lib/fuzzing/fuzz_ldb_parse_control.c
@@ -27,8 +27,11 @@ int LLVMFuzzerTestOneInput(uint8_t *input, size_t len)
 {
 struct ldb_control *control = NULL;
 struct ldb_context *ldb = ldb_init(NULL, NULL);
+ if (ldb == NULL) {
+ return 0;
+ }
 /*
- * We copy the buffer in order to NUL-teminate, because running off
+ * We copy the buffer in order to NUL-terminate, because running off
 * the end of the string would be an uninteresting crash.
 */
 if (len > MAX_LENGTH) { |
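Review bot: The new `if (ldb == NULL) { return 0; }` guard in fuzz_ldb_dn_explode.c has no comment saying why a failed ldb_init() is treated as a skipped input, and the same bare guard is added in fuzz_ldb_ldif_read.c and fuzz_ldb_parse_control.c. The reasoning lives only in the commit message, so a later reader may take the early return for a swallowed error; I would add `/* ldb_init() failure is an environment problem, not a finding in the code under test: skip this input */` above each check. Because the return is silent, a harness in which ldb_init() fails on every call would presumably still look like a healthy run while never reaching the parser, so a coverage stall on these targets is worth checking against this path. The body of LLVMFuzzerTestOneInput continues past the end of each hunk, so whether `ldb` is released on the later paths cannot be judged from here.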