Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lzo: unpoison the working buffer (#7941) 

The compression function appears to account for the possibility that the
buffer contains random values, but msan does not realize that.

Initializing the buffer would be another option, but mere unpoisoning
maintains the ability to detect flaws in the way that the library
handles such uninitialized buffers. (Although, arguably, perhaps this
would be better served by separate fuzzing, which would also make such
findings more reproducible.)

This fixes b/154387018.
This commit is contained in:
Sami Boukortt 2022-07-05 07:07:32 +02:00 committed by GitHub
parent beb98b4d1a
commit 7579d5d84f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
projects/lzo/all_lzo_compress.cc
View File

@ -202,6 +202,10 @@ void FuzzLzoAlgorithm(const LzoAlgorithm& algorithm,
std::unique_ptr<uint8_t[]> compressed_buffer(
new uint8_t[algorithm.GetMaxCompressedSize(input_buffer.size())]);
#if MEMORY_SANITIZER
__msan_unpoison(working_buffer.get(), algorithm.working_memory_size);
#endif
lzo_uint compressed_size;
if (algorithm.compress_fn(input_buffer.data(), input_buffer.size(),
compressed_buffer.get(), &compressed_size,