From 6386bc13d33ef1bdd2bad92a414a05486eaacd6b Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Fri, 21 Aug 2020 16:23:24 +0100 Subject: [PATCH] Problem: test_socket_options_fuzzer can pass non-NUL terminated data buffers Solution: ensure they are valid strings --- tests/test_socket_options_fuzzer.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/test_socket_options_fuzzer.cpp b/tests/test_socket_options_fuzzer.cpp index 1d436028..dd9ee8f7 100644 --- a/tests/test_socket_options_fuzzer.cpp +++ b/tests/test_socket_options_fuzzer.cpp @@ -43,6 +43,9 @@ extern "C" int LLVMFuzzerTestOneInput (const uint8_t *data, size_t size) void *s = test_context_socket (ZMQ_XPUB); int option; + // A lot of options expect a well-formatted string + ((uint8_t *)data)[size - 1] = 0; + for (option = ZMQ_AFFINITY; option < ZMQ_BINDTODEVICE + 1; ++option) { uint8_t out[512]; size_t out_size = 512;