[ovs-dev] [PATCH] ossfuzz: Remove duplicate tcp flags parsing in flow extract target
bshas3 at gmail.com
Fri Jun 21 12:50:35 UTC 2019
From: Bhargava Shastry <bshas3 at gmail.com>
During a code audit, the flow extraction fuzzer target was seen to be
parsing TCP flags from the fuzzer-supplied input twice. This is
probably a typo since the second call to `parse_tcp_flags()` is
identical to the first.
Since a call to `parse_tcp_flags()` parses the Ethernet and IP headers
contained in the packet, the second (buggy) call to `parse_tcp_flags()`
creates an expectation that there is a second set of Ethernet and IP
headers beyond the first, which is incorrect. This patch fixes this
problem by removing the duplicate code in question.
Signed-off-by: Bhargava Shastry <bshas3 at gmail.com>
---
tests/oss-fuzz/flow_extract_target.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/tests/oss-fuzz/flow_extract_target.c b/tests/oss-fuzz/flow_extract_target.c
index 4a7451411..869d1e63e 100644
--- a/tests/oss-fuzz/flow_extract_target.c
+++ b/tests/oss-fuzz/flow_extract_target.c
@@ -60,12 +60,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
ignore(tcp_flags);
}
- /* Parse TCP flags. */
- if (dp_packet_size(&packet) >= ETH_HEADER_LEN) {
- uint16_t tcp_flags = parse_tcp_flags(&packet);
- ignore(tcp_flags);
- }
-
/* Count headers. */
int count = flow_count_vlan_headers(&flow);
ignore(count);
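Review bot: The removal of the `/* Parse TCP flags. */` block is justified in the commit message by `parse_tcp_flags()` leaving the packet positioned past its Ethernet and IP headers, but nothing in this hunk shows that behaviour. Please state, in the message or in a comment on the surviving call above `ignore(tcp_flags);`, whether the call modifies `packet`, because that decides whether later additions to the harness may reuse `packet` after it. The remaining `flow_count_vlan_headers(&flow)` only takes `flow`, so the deletion itself looks safe. A Fixes: tag naming the commit that introduced the duplicate would also make the change easier to track.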
--
2.17.1