limit bignums to 128 bytes

Keep us from spinning forever doing huge amounts of math in the fuzzer Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25013)
2024-11-27 05:21:51 +08:00 · 2024-07-26 11:01:05 -04:00 · 2024-07-26 11:01:05 -04:00 · f0768376e1
commit f0768376e1
parent 250a7adbea
1 changed files with 4 additions and 3 deletions
--- a/fuzz/bignum.c
+++ b/fuzz/bignum.c
@ -52,11 +52,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
     */
    if (len > 2) {
        len -= 3;
-        l1 = (buf[0] * len) / 255;
+        /* limit l1, l2, and l3 to be no more than 512 bytes */
+        l1 = ((buf[0] * len) / 255) % 512;
        ++buf;
-        l2 = (buf[0] * (len - l1)) / 255;
+        l2 = ((buf[0] * (len - l1)) / 255) % 512;
        ++buf;
-        l3 = len - l1 - l2;
+        l3 = (len - l1 - l2) % 512;

        s1 = buf[0] & 1;
        s3 = buf[0] & 4;