From 30797e783a31e51fbaee99210be7eb7eac545282 Mon Sep 17 00:00:00 2001
From: Max Moroz
Date: Tue, 17 Oct 2017 08:19:38 -0700
Subject: [PATCH] [libxml2] Disable XML_PARSE_HUGE to avoid stack overflow.

Mirror the change from Chromium version: https://chromium-review.googlesource.com/c/chromium/src/+/720537

This should fix the following bugs:
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2336
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2731
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2779
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3245
---
 projects/libxml2/libxml2_xml_read_memory_fuzzer.cc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/projects/libxml2/libxml2_xml_read_memory_fuzzer.cc b/projects/libxml2/libxml2_xml_read_memory_fuzzer.cc
index 4ae6035b7..6ef325764 100644
--- a/projects/libxml2/libxml2_xml_read_memory_fuzzer.cc
+++ b/projects/libxml2/libxml2_xml_read_memory_fuzzer.cc
@@ -25,6 +25,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
 const std::size_t data_hash = std::hash()(data_string);
 const int max_option_value = std::numeric_limits::max();
 const int random_option_value = data_hash % max_option_value;
+
+ // Disable XML_PARSE_HUGE to avoid stack overflow.
+ random_option_value &= ~XML_PARSE_HUGE;
 const int options[] = {0, random_option_value};
 for (const auto option_value : options) {