diff --git a/projects/binutils/fuzz_addr2line.c b/projects/binutils/fuzz_addr2line.c
index 07f546d5d53e..52cb42110632 100644
--- a/projects/binutils/fuzz_addr2line.c
+++ b/projects/binutils/fuzz_addr2line.c
@@ -21,6 +21,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_as.c b/projects/binutils/fuzz_as.c
index e1c4ac84848b..548e194db6ad 100644
--- a/projects/binutils/fuzz_as.c
+++ b/projects/binutils/fuzz_as.c
@@ -32,6 +32,8 @@ xatexit (void (*fn) (void) ATTRIBUTE_UNUSED)
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 1024)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer-%d.s", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_bfd.c b/projects/binutils/fuzz_bfd.c
index 5b436f799fc3..33de87286251 100644
--- a/projects/binutils/fuzz_bfd.c
+++ b/projects/binutils/fuzz_bfd.c
@@ -39,6 +39,8 @@ static int bufferToFile(char * name, const uint8_t *Data, size_t Size) {
 char *target = NULL;
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ if (Size > 16384)
+ return 0;
 char tmpfilename[32];
 if (bfd_init() != BFD_INIT_MAGIC)
diff --git a/projects/binutils/fuzz_bfd_ext.c b/projects/binutils/fuzz_bfd_ext.c
index b31880963cf5..e869e452e72a 100644
--- a/projects/binutils/fuzz_bfd_ext.c
+++ b/projects/binutils/fuzz_bfd_ext.c
@@ -42,6 +42,8 @@ static int bufferToFile(char *name, const uint8_t *Data, size_t Size) {
 }
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ if (Size > 16384)
+ return 0;
 char tmpfilename[32];
 if (bfd_init() != BFD_INIT_MAGIC)
diff --git a/projects/binutils/fuzz_dlltool.c b/projects/binutils/fuzz_dlltool.c
index bfa2dc2dc9e6..a9a8d9a7c0c4 100644
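Review bot: In fuzz_addr2line.c the new size guard has no comment and hard-codes `16384`, and the same literal is repeated in the fuzz_bfd.c, fuzz_bfd_ext.c, fuzz_dlltool.c, fuzz_dwarf.c, fuzz_nm.c, fuzz_objcopy.c, fuzz_objdump.c, fuzz_ranlib_simulation.c, fuzz_readelf.c, fuzz_strings.c and fuzz_windres.c hunks. Inputs above the cap return before any binutils code runs, so parser paths that need more than 16 KiB of input are no longer exercised by these harnesses; that coverage trade-off should be recorded next to the check. I would add a comment such as `/* Inputs above 16 KiB are skipped, not tested. */` plus the reason for the cap, and give the value a name in each file, e.g. `#define FUZZ_MAX_INPUT_SIZE 16384`, so the limits cannot drift apart unnoticed. The function body continues past the end of the hunk.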
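Review bot: fuzz_as.c caps the input at `1024` bytes while every other harness in this patch uses `16384`, and nothing in the hunk explains the difference. If the lower limit is deliberate, a one-line comment saying so, for instance `/* as harness: inputs above 1 KiB are skipped (lower than the other fuzzers on purpose). */`, would stop it being read as a typo and later "fixed". It is also worth confirming that never fuzzing assembler sources longer than 1 KiB is intended. The function body continues past the end of the hunk.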
--- a/projects/binutils/fuzz_dlltool.c
+++ b/projects/binutils/fuzz_dlltool.c
@@ -60,9 +60,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- if (size < 512) {
+ if (size < 512 || size > 16384)
 return 0;
- }
 /* def file */
 char filename[256];
diff --git a/projects/binutils/fuzz_dwarf.c b/projects/binutils/fuzz_dwarf.c
index 45f7828e443b..da4106724fb9 100644
--- a/projects/binutils/fuzz_dwarf.c
+++ b/projects/binutils/fuzz_dwarf.c
@@ -20,6 +20,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_nm.c b/projects/binutils/fuzz_nm.c
index e4edec38af1c..d89027bf7d88 100644
--- a/projects/binutils/fuzz_nm.c
+++ b/projects/binutils/fuzz_nm.c
@@ -21,6 +21,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_objcopy.c b/projects/binutils/fuzz_objcopy.c
index d47700022792..3f9aa0d403ae 100644
--- a/projects/binutils/fuzz_objcopy.c
+++ b/projects/binutils/fuzz_objcopy.c
@@ -94,6 +94,8 @@ init_objcopy_global_state() {
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_objdump.c b/projects/binutils/fuzz_objdump.c
index f7c099158b3d..5b326b0cec38 100644
--- a/projects/binutils/fuzz_objdump.c
+++ b/projects/binutils/fuzz_objdump.c
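Review bot: In fuzz_dlltool.c the rewritten guard drops the braces the old code had around `return 0;`, which makes the early exit easy to break if a second statement is ever added under it. I would keep them: `if (size < 512 || size > 16384) { return 0; }`. The accepted window of 512 to 16384 bytes is also undocumented; a short comment on what the 512-byte minimum is needed for would help the next reader judge whether either bound can move. The function body continues past the end of the hunk.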
@@ -39,6 +39,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_ranlib_simulation.c b/projects/binutils/fuzz_ranlib_simulation.c
index adba2696f805..9c46202ade62 100644
--- a/projects/binutils/fuzz_ranlib_simulation.c
+++ b/projects/binutils/fuzz_ranlib_simulation.c
@@ -31,6 +31,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_readelf.c b/projects/binutils/fuzz_readelf.c
index 66cd5d707cea..e6954a229831 100644
--- a/projects/binutils/fuzz_readelf.c
+++ b/projects/binutils/fuzz_readelf.c
@@ -63,6 +63,8 @@ int check_architecture(char *tmpfilename, char *arch_string) {
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
diff --git a/projects/binutils/fuzz_strings.c b/projects/binutils/fuzz_strings.c
index 38c3a049d514..7408b44bc5c0 100644
--- a/projects/binutils/fuzz_strings.c
+++ b/projects/binutils/fuzz_strings.c
@@ -21,6 +21,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 char filename[256];
 sprintf(filename, "/tmp/libfuzzer.%d", getpid());
 FILE *fp = fopen(filename, "wb");
diff --git a/projects/binutils/fuzz_windres.c b/projects/binutils/fuzz_windres.c
index 6786cb1d91de..8a6d135ce6f3 100644
--- a/projects/binutils/fuzz_windres.c
+++ b/projects/binutils/fuzz_windres.c
@@ -88,6 +88,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ if (size > 16384)
+ return 0;
 enum res_format input_format;
 input_format = fuzz_format_check_from_mem(data, size);;
 if (input_format != RES_FORMAT_COFF) {