python-multipart: add patch (#13093)

This pr includes a temp patch, will move this upstream once properly
tested.

Author: manunio

projects/python-multipart/Dockerfile

@@ -19,4 +19,5 @@ RUN apt-get update && apt-get install -y make autoconf automake libtool
 RUN git clone --depth 1 https://github.com/Kludex/python-multipart python-multipart
 RUN python3 -m pip install --upgrade pip
 WORKDIR python-multipart
+COPY *.patch $SRC/python-multipart
 COPY build.sh *.options $SRC/

projects/python-multipart/build.sh

@@ -15,6 +15,7 @@
 #
 ################################################################################
 
+git apply $SRC/python-multipart/*.patch
 python3 -m pip install '.[dev]'
 for fuzzer in $(find $SRC -name "fuzz_*.py"); do
     compile_python_fuzzer $fuzzer

projects/python-multipart/fuzz_form.patch

@@ -0,0 +1,13 @@
+diff --git a/fuzz/fuzz_form.py b/fuzz/fuzz_form.py
+index 9a3d854..fbc6ad9 100644
+--- a/fuzz/fuzz_form.py
++++ b/fuzz/fuzz_form.py
+@@ -29,7 +29,7 @@ def parse_form_urlencoded(fdp: EnhancedDataProvider) -> None:
+
+
+ def parse_multipart_form_data(fdp: EnhancedDataProvider) -> None:
+-    boundary = "boundary"
++    boundary = fdp.ConsumeRandomStringOfSize(16) or "boundary"
+     header = {"Content-Type": f"multipart/form-data; boundary={boundary}"}
+     body = (
+         f"--{boundary}\r\n"

projects/python-multipart/helpers.patch

@@ -0,0 +1,17 @@
+diff --git a/fuzz/helpers.py b/fuzz/helpers.py
+index 7fcd45c..d107cc1 100644
+--- a/fuzz/helpers.py
++++ b/fuzz/helpers.py
+@@ -1,9 +1,11 @@
+ import atheris
+
+-
+ class EnhancedDataProvider(atheris.FuzzedDataProvider):
+     def ConsumeRandomBytes(self) -> bytes:
+         return self.ConsumeBytes(self.ConsumeIntInRange(0, self.remaining_bytes()))
+
+     def ConsumeRandomString(self) -> str:
+         return self.ConsumeUnicodeNoSurrogates(self.ConsumeIntInRange(0, self.remaining_bytes()))
++
++    def ConsumeRandomStringOfSize(self, val: int) -> str:
++        return self.ConsumeUnicodeNoSurrogates(self.ConsumeIntInRange(0, val))