From 9de4f87aca69b41aa0b26b5f426517b53ec87514 Mon Sep 17 00:00:00 2001
From: Nikita Popov
Date: Fri, 13 Dec 2019 16:09:28 +0100
Subject: [PATCH] Limit parse depth in mbstring fuzzer

The default depth of 4096 is large enough to cause optimize_node stack overflows under asan. Reduce to 1024.
---
 sapi/fuzzer/fuzzer-mbstring.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sapi/fuzzer/fuzzer-mbstring.c b/sapi/fuzzer/fuzzer-mbstring.c
index 3ec0c42c4e..5821024ec3 100644
--- a/sapi/fuzzer/fuzzer-mbstring.c
+++ b/sapi/fuzzer/fuzzer-mbstring.c
@@ -20,6 +20,7 @@
 #include "Zend/zend.h"
 #include "main/php_config.h"
 #include "main/php_main.h"
+#include "oniguruma.h"
 #include 
 #include 
@@ -67,6 +68,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 int LLVMFuzzerInitialize(int *argc, char ***argv) {
 	fuzzer_init_php();
+	/* The default parse depth limit allows stack overflows under asan. */
+	onig_set_parse_depth_limit(1024);
+
 	/* fuzzer_shutdown_php(); */
 	return 0;
 }
-- 
2.50.1
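Review bot: The new `onig_set_parse_depth_limit(1024)` call in LLVMFuzzerInitialize lowers a process-global limit only inside the fuzzer, so regex inputs nested between 1024 and the production default of 4096 are no longer exercised and any stack exhaustion that only the production limit allows stays invisible to this harness; the comment should state that trade-off so nobody reads the reduced limit as a fix for the underlying optimize_node recursion. I would replace the added comment with `/* ASAN's larger frames overflow the stack at the default depth (4096); lower it here only, which also hides depth 1024-4096 from coverage. */` and name the value, e.g. `enum { FUZZER_ONIG_PARSE_DEPTH = 1024 };` with `onig_set_parse_depth_limit(FUZZER_ONIG_PARSE_DEPTH);`. If onig_set_parse_depth_limit reports failure through its int return in the linked oniguruma version, the result should be checked rather than discarded, since a silently rejected limit reintroduces the crash the commit is avoiding.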