authorLuca Deri <deri@ntop.org>2020-08-02 13:00:31 +0200
committerLuca Deri <deri@ntop.org>2020-08-02 13:00:31 +0200
commitea10b8e757c05dd5cee9c74e785111596feb5d7b (patch)
treee006ed655a627858c918e2ed10e758c1043a619e /fuzz
parent57e28e03eec7bcbd88523b22efb843a3743c3e64 (diff)
Added memory checks
Diffstat (limited to 'fuzz')
-rw-r--r--fuzz/fuzz_ndpi_reader.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c
index 4360bbb55..9f73eb4e9 100644
--- a/fuzz/fuzz_ndpi_reader.c
+++ b/fuzz/fuzz_ndpi_reader.c
@@ -80,11 +80,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
r = pcap_next_ex(pkts, &header, &pkt);
while (r > 0) {
- /* allocate an exact size buffer to check overflows */
- uint8_t *packet_checked = malloc(header->caplen);
- memcpy(packet_checked, pkt, header->caplen);
- ndpi_workflow_process_packet(workflow, header, packet_checked, NULL);
- free(packet_checked);
+ if(header->caplen >= 42 /* ARP+ size */) {
+ /* allocate an exact size buffer to check overflows */
+ uint8_t *packet_checked = malloc(header->caplen);
+
+ if(packet_checked) {
+ memcpy(packet_checked, pkt, header->caplen);
+ ndpi_workflow_process_packet(workflow, header, packet_checked, NULL);
+ free(packet_checked);
+ }
+ }
+
r = pcap_next_ex(pkts, &header, &pkt);
}
ndpi_workflow_free(workflow);
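Review bot: The `header->caplen >= 42` gate keeps every capture shorter than 42 bytes away from `ndpi_workflow_process_packet`, so the exact-size `packet_checked` buffer can no longer expose out-of-bounds reads on truncated frames, which is the case its own comment says it exists to check. If the intent was only to avoid a zero-length allocation and a `memcpy` into NULL, the added `if(packet_checked)` test already handles the failed allocation and the gate could be narrowed to `if(header->caplen > 0) {`. If the library really needs a minimum frame length, that check presumably belongs in the library's packet path (not visible here), so that real callers are protected as well as the harness. Should the gate stay, give 42 a named constant and extend the comment to say why shorter frames are skipped. `LLVMFuzzerTestOneInput` begins and ends outside this hunk.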