libarchive: handle erroneous archives (#9452)

Some more codepaths were added to the fuzzer in #9003 However, these paths are only valid to call in the event `archive_read_open_memory` returns `ARCHIVE_OK` -- the fuzzer is currently blocked due to this and is why the coverage decreased between 17th Nov to 19th Nov (https://storage.googleapis.com/oss-fuzz-coverage/libarchive/reports/20221117/linux/src/libarchive/report.html vs https://storage.googleapis.com/oss-fuzz-coverage/libarchive/reports/20221119/linux/src/libarchive/report.html) Am looking to get the coverage back up as I'm writing some documentation about ossf/fuzz-introspector#580 (comment) @jvoisin could you help review? Signed-off-by: David Korczynski <[email protected]> Signed-off-by: David Korczynski <[email protected]>
google · Jan 18, 2023 · 0b97ad9 · 0b97ad9
1 parent 6217f71
commit 0b97ad9
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/projects/libarchive/libarchive_fuzzer.cc b/projects/libarchive/libarchive_fuzzer.cc
@@ -33,7 +33,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
     return 0;
   }
 
-  archive_read_open_memory(a, buf, len);
+  if (ARCHIVE_OK != archive_read_open_memory(a, buf, len)) {
+    archive_read_free(a);
+    return 0;
+  }
+
   archive_read_add_passphrase(a, "secret");
 
   while(1) {