mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
021258661b
This makes sure that we don't become vulnerable to CVE-2018-17419 or CVE-2019-19794 in the future. While we are not currently vulnerable to either, there is a risk that a PR could be made which uses one of the vulnerable methods in the future, so it's worth going ahead and updating to ensure that a simple PR that would easily pass code review doesn't lead to a vulnerability. Signed-off-by: Sam Whited <sam@samwhited.com>
32 lines
536 B
Go
32 lines
536 B
Go
// +build fuzz
|
|
|
|
package dns
|
|
|
|
import "strings"
|
|
|
|
func Fuzz(data []byte) int {
|
|
msg := new(Msg)
|
|
|
|
if err := msg.Unpack(data); err != nil {
|
|
return 0
|
|
}
|
|
if _, err := msg.Pack(); err != nil {
|
|
return 0
|
|
}
|
|
|
|
return 1
|
|
}
|
|
|
|
func FuzzNewRR(data []byte) int {
|
|
str := string(data)
|
|
// Do not fuzz lines that include the $INCLUDE keyword and hint the fuzzer
|
|
// at avoiding them.
|
|
// See GH#1025 for context.
|
|
if strings.Contains(strings.ToUpper(str), "$INCLUDE") {
|
|
return -1
|
|
}
|
|
if _, err := NewRR(str); err != nil {
|
|
return 0
|
|
}
|
|
return 1
|
|
}
|