From 3264034794b55e8ba1061ea44a256bdc7852edff Mon Sep 17 00:00:00 2001 From: Julien Voisin Date: Tue, 11 Apr 2023 18:25:09 +0200 Subject: [PATCH] Limit the input size of pygments fuzzers (#10013) --- projects/pygments/fuzz_guesser.py | 3 +++ projects/pygments/fuzz_lexers.py | 2 ++ 2 files changed, 5 insertions(+) diff --git a/projects/pygments/fuzz_guesser.py b/projects/pygments/fuzz_guesser.py index 30348c79a..de9565884 100644 --- a/projects/pygments/fuzz_guesser.py +++ b/projects/pygments/fuzz_guesser.py @@ -22,6 +22,9 @@ import pygments.lexers import pygments.util def TestOneInput(data: bytes) -> int: + if len(data) > (2 << 18): + return + try: lexer = pygments.lexers.guess_lexer(str(data)) except pygments.util.ClassNotFound: diff --git a/projects/pygments/fuzz_lexers.py b/projects/pygments/fuzz_lexers.py index dfff7d29c..97e4cedf9 100644 --- a/projects/pygments/fuzz_lexers.py +++ b/projects/pygments/fuzz_lexers.py @@ -32,6 +32,8 @@ FORMATTERS = [BBCodeFormatter(), GroffFormatter(), HtmlFormatter(), def TestOneInput(data: bytes) -> int: + if len(data) > (2 << 18): + return fdp = atheris.FuzzedDataProvider(data) random_lexer = pygments.lexers.get_lexer_by_name(fdp.PickValueInList(LEXERS)) formatter = fdp.PickValueInList(FORMATTERS)