Skip to content

Commit

Permalink
Disallow constants section anywhere other than the main scope
Browse files Browse the repository at this point in the history 
Fixes an OOM scenario (reproducer in fuzz/regresion/...).

Thanks to oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68129
  • Loading branch information
@lpereira
lpereira committed Apr 19, 2024
1 parent f06c8d8 commit e9fb3bf
Show file tree
Hide file tree
Showing 2 changed files with 235 additions and 1 deletion.
233 changes: 233 additions & 0 deletions fuzz/regression/clusterfuzz-testcase-minimized-config_fuzzer-5462763322277888
View file
@@ -0,0 +1,233 @@
$=$�=$=$=$=$=$=$=$=$=$=$=$=$=$��=$=$=$$==$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$=$��=$=$=$=$=$=$=$=$=$=""$=$=$=$=$=$=$=$=$off
!=off
']
���" :=
"��������������" :=
"������="
constants{M=Z=M""$"������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"����������������ʘ�����������dd4"���˜���$=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"
"
"

"�"
"
"
"
"
"
"
"
"
"
"
"
"
"

"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"

"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"
"

"����������" :=
"������="
constants{M=Z=M""$"������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"��=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"

"
"
"

"
"
"
"
"
"$=$=$=$�������=$constan�s$=$=$=$=$=$=$��=$=$=$=$=$=$=$B$=$=""$=$=$=�=$=$"
"
"
"
"
"
"
"
"
"
"
"
"
"

"����������" :=
"������="
constants{M=Z=M""$"������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"��=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"

"
"
"

"
"
"
"
"
"$=$=$=$�������=$constan:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"����������������ʘ�����������dd4"���˜���$=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"

"
"
"

"
"
"
"
"
"$=$=$=$�������=$constan:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"����������������ʘ�����������dd4"���˜���$=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"

"
"
"

"
"
"
"
"
"$=$=$=$�������=$constan:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"����������������ʘ�����������dd4"���˜���$=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"

"
"
"

"
"
"
"
"
"$=$=$=$�������=$constan:}${M:}${M:}${M:}${M:M:}Z=M${M:}${I:}${M:}$$=$=$=$=$=$=$=""$"����������������ʘ�����������dd4"���˜���$=$=$=$=$=$=$=$=$=$=$=$=$=$�������������� :=
"������="
constants{M=]=${M:}${M:.}${M:}${I:}${M:}${N:}${M:}${M:}${M:{{M:}${M:}${M:M:}Z=M${M:}${I:�dd4"���˜���$=$=$=$=$T$=$=$=$=$=$=$=$=$��=$=$="
"
"
"
"
"
"

"�"
"
"
"
"
"
"
"
"
"
"
"
"
"

"
"
"
"
"
"
"
"
"
"
"
�s$=$=$=$=$=$=$��=$=$=$=$=$=$=$B$=$=""$=$=$=�=$=$=$=$=$=$=$B$=$=""$=$=$=$=$=$�$=$=$=off
(=off
(=of{M:}$����+Z=M""$"�������������" :
"
"
"
"
"
"
"
"
"
"
"
"=
"������*="

co
Expand Down
3 changes: 2 additions & 1 deletion src/lib/lwan-config.c
View file
Expand Up @@ -851,7 +851,8 @@ static const struct config_line *parser_next(struct parser *parser)
if (!l)
return NULL;

if (l->type == CONFIG_LINE_TYPE_SECTION && streq(l->key, "constants")) {
if (l->type == CONFIG_LINE_TYPE_SECTION && streq(l->key, "constants") &&
config_from_parser(parser)->opened_brackets == 1) {
struct config *config = config_from_parser(parser);

if (parse_constants(config, l))
Expand Down

0 comments on commit e9fb3bf

Please sign in to comment.