selinux/checkpolicy/fuzz
Christian Göttsche f07fc2a752 checkpolicy/fuzz: override YY_FATAL_ERROR
The default action of the lexer macro YY_FATAL_ERROR(msg) is to print
the message and call exit().  This might happen on an overlong token
(8192 bytes) that does not fit into the token buffer.
Fuzz targets must not call exit() though, since an exit is treated as an
abnormal behavior, see https://llvm.org/docs/LibFuzzer.html#fuzz-target.

Since YY_FATAL_ERROR is used in functions with different return value
types and is expected to not return, jump to a location in the fuzzer
right before yyparse() instead.

Reported-by: oss-fuzz (issue 67728)
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
2024-04-04 11:17:44 -04:00
checkpolicy-fuzzer.c checkpolicy/fuzz: override YY_FATAL_ERROR 2024-04-04 11:17:44 -04:00
checkpolicy-fuzzer.dict checkpolicy: add libfuzz based fuzzer 2024-03-04 09:54:47 -05:00
min_pol.conf checkpolicy: add libfuzz based fuzzer 2024-03-04 09:54:47 -05:00
min_pol.mls.conf checkpolicy: add libfuzz based fuzzer 2024-03-04 09:54:47 -05:00