ossfuzz: Prevent large numbers of headers from causing timeouts

As in commit e13aa01 Found by quadfuzz
curl · Jun 8, 2023 · 052dae3 · 052dae3
1 parent 58d358f
commit 052dae3
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/curl_fuzzer_tlv.cc b/curl_fuzzer_tlv.cc
@@ -157,6 +157,12 @@ int fuzz_parse_tlv(FUZZ_DATA *fuzz, TLV *tlv)
       break;
 
     case TLV_TYPE_MAIL_RECIPIENT:
+      /* Limit the number of headers that can be added to a message to prevent
+         timeouts. */
+      if(fuzz->header_list_count >= TLV_MAX_NUM_CURLOPT_HEADER) {
+        rc = 255;
+        goto EXIT_LABEL;
+      }
       tmp = fuzz_tlv_to_string(tlv);
       if (tmp == NULL) {
         // keep on despite allocation failure