root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

limit bignums to 128 bytes 

Keep us from spinning forever doing huge amounts of math in the fuzzer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25013)
This commit is contained in:
Neil Horman 2024-07-26 11:01:05 -04:00
parent 250a7adbea
commit f0768376e1
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
fuzz/bignum.c
View File

@ -52,11 +52,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
*/
if (len > 2) {
len -= 3;
l1 = (buf[0] * len) / 255;
/* limit l1, l2, and l3 to be no more than 512 bytes */
l1 = ((buf[0] * len) / 255) % 512;
++buf;
l2 = (buf[0] * (len - l1)) / 255;
l2 = ((buf[0] * (len - l1)) / 255) % 512;
++buf;
l3 = len - l1 - l2;
l3 = (len - l1 - l2) % 512;
s1 = buf[0] & 1;
s3 = buf[0] & 4;