shaba/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-03-25 10:50:08 +03:00
Code

xinclude: Lower initial table size when fuzzing

Browse Source 
We don't have test cases with many documents, so set the initial table
size to 1 when fuzzing, so there is a chance to detect reallocation
issues.
This commit is contained in:
Nick Wellnhofer 2023-05-08 17:05:13 +02:00
parent c40cbf07a3
commit 687a2b719e
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
xinclude.c
View File

@ -266,7 +266,11 @@ xmlXIncludeNewRef(xmlXIncludeCtxtPtr ctxt, const xmlChar *URI,
ret->inc = NULL;
if (ctxt->incNr >= ctxt->incMax) {
xmlXIncludeRefPtr *tmp;
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
size_t newSize = ctxt->incMax ? ctxt->incMax * 2 : 1;
#else
size_t newSize = ctxt->incMax ? ctxt->incMax * 2 : 4;
#endif
tmp = (xmlXIncludeRefPtr *) xmlRealloc(ctxt->incTab,
newSize * sizeof(ctxt->incTab[0]));
@ -1344,7 +1348,11 @@ xmlXIncludeLoadDoc(xmlXIncludeCtxtPtr ctxt, const xmlChar *url,
/* Also cache NULL docs */
if (ctxt->urlNr >= ctxt->urlMax) {
xmlXIncludeDoc *tmp;
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
size_t newSize = ctxt->urlMax ? ctxt->urlMax * 2 : 1;
#else
size_t newSize = ctxt->urlMax ? ctxt->urlMax * 2 : 8;
#endif
tmp = xmlRealloc(ctxt->urlTab, sizeof(xmlXIncludeDoc) * newSize);
if (tmp == NULL) {
@ -1752,7 +1760,11 @@ xmlXIncludeLoadTxt(xmlXIncludeCtxtPtr ctxt, const xmlChar *url,
if (ctxt->txtNr >= ctxt->txtMax) {
xmlXIncludeTxt *tmp;
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
size_t newSize = ctxt->txtMax ? ctxt->txtMax * 2 : 1;
#else
size_t newSize = ctxt->txtMax ? ctxt->txtMax * 2 : 8;
#endif
tmp = xmlRealloc(ctxt->txtTab, sizeof(xmlXIncludeTxt) * newSize);
if (tmp == NULL) {