From a442ef149d752e062c7b3fd200ba45d745550865 Mon Sep 17 00:00:00 2001 From: Jonathan Tatum Date: Thu, 6 Oct 2022 08:27:56 -0700 Subject: [PATCH] Set parser recursion limit for fuzz tests. (#8673) Very large inputs that generate large ASTs can cause some of the sanitizers to timeout. Setting a smaller complexity limit should help filter out those cases. Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com> --- projects/cel-go/fuzz_compile.go | 2 +- projects/cel-go/fuzz_env.go | 8 ++++++++ projects/cel-go/fuzz_eval.go | 7 ++++++- 3 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 projects/cel-go/fuzz_env.go
diff --git a/projects/cel-go/fuzz_compile.go b/projects/cel-go/fuzz_compile.go
index a7398da48..5c59d413d 100644
--- a/projects/cel-go/fuzz_compile.go
+++ b/projects/cel-go/fuzz_compile.go
@@ -1,7 +1,7 @@
 package cel
 
 func FuzzCompile(data []byte) int {
- env, err := NewEnv()
+ env, err := getCELFuzzEnv()
 if err != nil {
 panic("impossible to create env")
 }
diff --git a/projects/cel-go/fuzz_env.go b/projects/cel-go/fuzz_env.go
new file mode 100644
index 000000000..18cd2a46d
--- /dev/null
+++ b/projects/cel-go/fuzz_env.go
@@ -0,0 +1,8 @@
+package cel
+
+// Create environment for running under Address sanitizer without timing out.
+func getCELFuzzEnv() (*Env, error) {
+ // Very dense expressions (balanced trees) can cause address sanitizer to
+ // timeout even though they typically fail in under a second uninstrumented.
+ return NewEnv(ParserRecursionLimit(60))
+}
diff --git a/projects/cel-go/fuzz_eval.go b/projects/cel-go/fuzz_eval.go
index ee5b5482c..3aa250ab8 100644
--- a/projects/cel-go/fuzz_eval.go
+++ b/projects/cel-go/fuzz_eval.go
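Review bot: In fuzz_env.go, `ParserRecursionLimit(60)` caps nesting depth for both harnesses, so expressions nested deeper than 60 but still within the limit `NewEnv()` applies by default are rejected before they reach the rest of the pipeline, and these targets no longer cover that range. The comment should record that trade-off and why 60 was chosen, for example `// 60 is below the library default; nesting between 60 and the default is not fuzzed by these targets.` The doc comment would also read better in the usual Go form, `// getCELFuzzEnv returns an Env with a reduced parser recursion limit so sanitizer builds do not time out.` A recursion limit bounds depth rather than input size, so if sanitizer timeouts persist on wide expressions, a length check on `data` in the harness is the more direct filter.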
@@ -18,7 +18,12 @@ func FuzzEval(data []byte) int {
 for k, _ := range gen.Inputs {
 declares = append(declares, decls.NewVar(k, decls.String))
 }
- env, err := NewEnv(Declarations(declares...))
+ env, err := getCELFuzzEnv()
+ if err != nil {
+ panic("impossible to create env")
+ }
+
+ env, err = env.Extend(Declarations(declares...))
 if err != nil {
 panic("impossible to create env")
 }
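Review bot: The two `panic("impossible to create env")` calls in FuzzEval are now indistinguishable in a crash report and both drop `err`; the one after `env.Extend` would be easier to triage as `panic("impossible to extend env: " + err.Error())`. The declarations passed to `env.Extend` are built from the keys of `gen.Inputs`, which appears to be fuzzer-derived (gen is constructed outside this hunk), so a failure there may depend on the input rather than being impossible. If that is the case, `return 0` would discard the input instead of reporting a harness failure as a finding. FuzzEval starts and ends outside the hunk.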