[openssl/openssl] 01c795: Reduce Max number of commands handled per fuzzer p...
0 views
Skip to first unread message
Neil Horman
Oct 4, 2025, 4:30:38 AMOct 4
to openssl...@openssl.org
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 01c7958f2359e951a95350affb6b178fb50fed03
https://github.com/openssl/openssl/commit/01c7958f2359e951a95350affb6b178fb50fed03
Author: Neil Horman <nho...@openssl.org>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M fuzz/quic-lcidm.c
Log Message:
-----------
Reduce Max number of commands handled per fuzzer pass in quic-lcidm.
We've gotten a few recent reports of a hang in the quic-lcidm fuzzer:
https://issues.oss-fuzz.com/issues/448510502
It looks pretty straightforward (I think). The fuzzer input buffer is
used in this particular case to randomly issue commands to the lcidm
hash table (add/delete/query/flush/etc).
The loop for the command processing (based on the input buffer), is
limited to 10k commands. However the fuzzer will on occasion provide
very large buffers (500k) which easily saturate that limit. If the
input buffer happens to do something like get biased toward mostly
additions, we wind up with a huge hashtable that has to constantly grow
and rehash, which we've seen leads to timeouts in the past.
Most direct fix I think here, given that this is something of an
artificial failure in the fuzzer, is to simply clamp the command limit
more.
Fixes openssl/project#1664
Reviewed-by: Kurt Roeckx <ku...@roeckx.be>
Reviewed-by: Matt Caswell <ma...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28724)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Home: https://github.com/openssl/openssl
Commit: 01c7958f2359e951a95350affb6b178fb50fed03
https://github.com/openssl/openssl/commit/01c7958f2359e951a95350affb6b178fb50fed03
Author: Neil Horman <nho...@openssl.org>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M fuzz/quic-lcidm.c
Log Message:
-----------
Reduce Max number of commands handled per fuzzer pass in quic-lcidm.
We've gotten a few recent reports of a hang in the quic-lcidm fuzzer:
https://issues.oss-fuzz.com/issues/448510502
It looks pretty straightforward (I think). The fuzzer input buffer is
used in this particular case to randomly issue commands to the lcidm
hash table (add/delete/query/flush/etc).
The loop for the command processing (based on the input buffer), is
limited to 10k commands. However the fuzzer will on occasion provide
very large buffers (500k) which easily saturate that limit. If the
input buffer happens to do something like get biased toward mostly
additions, we wind up with a huge hashtable that has to constantly grow
and rehash, which we've seen leads to timeouts in the past.
Most direct fix I think here, given that this is something of an
artificial failure in the fuzzer, is to simply clamp the command limit
more.
Fixes openssl/project#1664
Reviewed-by: Kurt Roeckx <ku...@roeckx.be>
Reviewed-by: Matt Caswell <ma...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28724)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages