KEMBAR78
Issue 3 crashes found by honggfuzz by khernyo · Pull Request #6 · datrs/sleep-parser · GitHub
Skip to content

Conversation

@khernyo
Copy link
Member

@khernyo khernyo commented Jun 5, 2018

This is a 🐛 bug fix.

Fixes #3 by adding more checks to the parser. I have incorporated all the changes from the nom based parser (#4):

  • disabled verification of trailing zero bytes (these should be zero, but garbage should not break parsing as I understand)
  • stricter algorithm name matching: only accept the following ones: BLAKE2b, Ed25519 and "" (empty string). According to the docs these three are the allowed ones.

Honggfuzz does not find problems with this parser.

Checklist

  • tests pass
  • tests and/or benchmarks are included

Semver Changes

Possibly minor level because of the stricter parsing but patch level should be fine too.

khernyo added 6 commits May 13, 2018 18:49
Give up if an unknown algorithm name is encountered. According to docs,
the allowed algorithm names are "BLAKE2b", "Ed25519" and "".
@khernyo khernyo mentioned this pull request Jun 5, 2018
2 tasks
Copy link
Contributor

@yoshuawuyts yoshuawuyts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fantastic. Thank you!

@yoshuawuyts yoshuawuyts merged commit b612c0b into datrs:master Jun 7, 2018
@yoshuawuyts
Copy link
Contributor

v0.5.0 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Crashes found by honggfuzz

2 participants