Prevent label that contains '%#' because this will calculate a signature and will...

diff --git a/Magick++/fuzz/encoder_label_fuzzer.cc b/Magick++/fuzz/encoder_label_fuzzer.cc
index 13388336e13c65b3d30507865ad1af32781521cc..6a8b7605b36466a0bee0cd2870ba2e7272ed07ab 100644 (file)
--- a/Magick++/fuzz/encoder_label_fuzzer.cc
+++ b/Magick++/fuzz/encoder_label_fuzzer.cc
@@ -6,8 +6,17 @@
 #include "utils.cc"
 #include "encoder_utils.cc"
 
+static bool validateFileName(const std::string &fileName)
+{
+  // Signature: this will most likely cause a timeout.
+  if (fileName.find("%#") != -1)
+    return false;
+
+  return true;
+}
+
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-  return fuzzEncoderWithStringFilename("label", Data, Size);
+  return fuzzEncoderWithStringFilename("label", Data, Size, validateFileName);
 }
 
 #include "travis.cc"

diff --git a/Magick++/fuzz/encoder_utils.cc b/Magick++/fuzz/encoder_utils.cc
index e2eaf71418a5383babdefaaa8b177809e9e7a25a..a533c010cefceeeb5b2c08dffedfd6d8c1cf2ae5 100644 (file)
--- a/Magick++/fuzz/encoder_utils.cc
+++ b/Magick++/fuzz/encoder_utils.cc
@@ -1,4 +1,4 @@
-static int fuzzEncoderWithStringFilename(const std::string encoder, const uint8_t *Data, size_t Size)
+static int fuzzEncoderWithStringFilename(const std::string encoder, const uint8_t *Data, size_t Size, bool (*validate)(const std::string &) = NULL)
 {
   // Allow a bit extra to make sure we do proper bounds checking in Magick++
   if (Size > MagickPathExtent)
@@ -6,6 +6,10 @@ static int fuzzEncoderWithStringFilename(const std::string encoder, const uint8_
 
   std::string fileName(reinterpret_cast<const char*>(Data), Size);
 
+  // Can be used to deny specific file names
+  if ((validate != NULL) && (validate(fileName) == false))
+    return 0;
+
   Magick::Image image;
   try {
     image.read(encoder + ":" + fileName);