🐛 fix for #962

Added out_of_range exception for UBJSON containers with sizes that exceed the target container's max_size.
2018-02-06 22:38:53 +01:00 · 2018-02-06 22:38:53 +01:00 · 33a9b00ce6
commit 33a9b00ce6
parent 8b457ace25
5 changed files with 53 additions and 6 deletions
--- a/test/src/fuzzer-parse_ubjson.cpp
+++ b/test/src/fuzzer-parse_ubjson.cpp
@ -58,6 +58,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
    {
        // type errors can occur during parsing, too
    }
+    catch (const json::out_of_range&)
+    {
+        // out of range errors may happen if provided sizes are excessive
+    }

    // return 0 - non-zero return values are reserved for future use
    return 0;
--- a/test/src/unit-regression.cpp
+++ b/test/src/unit-regression.cpp
@ -1423,4 +1423,17 @@ TEST_CASE("regression tests")
        json j = json::from_cbor(v_cbor);
        CHECK(j == "abcd123");
    }
+
+    SECTION("issue #962 - Timeout (OSS-Fuzz 6034)")
+    {
+        std::vector<uint8_t> v_ubjson = {0x5b, 0x24, 0x5a, 0x23, 0x4c, 0x78, 0x28, 0x00, 0x68, 0x28, 0x69, 0x69, 0x17};
+        CHECK_THROWS_AS(json::from_ubjson(v_ubjson), json::out_of_range&);
+        CHECK_THROWS_WITH(json::from_ubjson(v_ubjson),
+                          "[json.exception.out_of_range.408] excessive array size: 8658170730974374167");
+
+        v_ubjson[0] = '{';
+        CHECK_THROWS_AS(json::from_ubjson(v_ubjson), json::out_of_range&);
+        CHECK_THROWS_WITH(json::from_ubjson(v_ubjson),
+                          "[json.exception.out_of_range.408] excessive object size: 8658170730974374167");
+    }
 }