From a12a8a0153c017c394b61312fe56487c4efa8856 Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Wed, 19 Apr 2023 13:21:56 +0200
Subject: [PATCH] fuzz: Set smaller connection timeouts to avoid fuzzing timeouts
The client fuzzer can get stuck in poll call, when there is long connection timeout and there are no usable message from the peer. Setting smaller user timeout allows us spend more time productively fuzzing and exit early when there is no message from peer. Thanks oss-fuzz.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56935
Signed-off-by: Jakub Jelen
Reviewed-by: Norbert Pocs
---
 tests/fuzz/ssh_client_fuzzer.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/tests/fuzz/ssh_client_fuzzer.c b/tests/fuzz/ssh_client_fuzzer.c
index 3f9c16d4..e69bf385 100644
--- a/tests/fuzz/ssh_client_fuzzer.c
+++ b/tests/fuzz/ssh_client_fuzzer.c
@@ -93,6 +93,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 ssize_t nwritten;
 bool no = false;
 int rc;
+ long timeout = 1; /* use short timeout to avoid timeouts during fuzzing */
 /* This is the maximum that can be handled by the socket buffer before the
 * other side will read some data. Other option would be feeding the socket
@@ -137,6 +138,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 assert(rc == 0);
 rc = ssh_options_set(session, SSH_OPTIONS_PROCESS_CONFIG, &no);
 assert(rc == 0);
+ rc = ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &timeout);
+ assert(rc == 0);
 ssh_callbacks_init(&cb);
 ssh_set_callbacks(session, &cb);
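Review bot: The comment on the new `long timeout = 1;` declaration in the first hunk does not say what unit the value is in, and "timeout to avoid timeouts" leaves it unclear which timeout guards against which. SSH_OPTIONS_TIMEOUT takes a `long` in seconds, so I would write `long timeout = 1; /* seconds; bounds the session wait in poll() so a stalled input does not hit the fuzzer's own time limit */`. The declaration sits inside LLVMFuzzerTestOneInput, whose body starts and ends outside the hunk.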
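Review bot: With the `ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &timeout)` call added in the second hunk, every input that leaves the client waiting on the peer still costs a full second, because this option has whole-second granularity. If such inputs turn out to be a large share of the corpus, libssh also offers SSH_OPTIONS_TIMEOUT_USEC for a sub-second bound. How the two options combine is decided in the options code, which is not visible here, so that would need checking first. Separately, a short comment above the call such as `/* harness-only: keep a silent peer from stalling the run (oss-fuzz 56935) */` would make it clear that the value is a fuzzing convenience and not a recommended client setting. The surrounding function continues outside the hunk.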