gh-73691: Increase size limits in _xxtestfuzz (#99070)

Now that our int<->str conversions are size limited and we have the _pylong module handling larger integers, we don't need to limit everything just to avoid wasting time in the quadratic time DoS-like case while fuzzing. We can tweak these further after seeing how this goes.
2022-11-03 14:41:20 -07:00 · 2022-11-03 14:41:20 -07:00 · bee1070289
parent 0ee59a9ca3
commit bee1070289
1 changed files with 6 additions and 3 deletions
--- a/Modules/_xxtestfuzz/fuzzer.c
+++ b/Modules/_xxtestfuzz/fuzzer.c
@ -142,7 +142,7 @@ static int fuzz_struct_unpack(const char* data, size_t size) {
 }


-#define MAX_JSON_TEST_SIZE 0x10000
+#define MAX_JSON_TEST_SIZE 0x100000

 PyObject* json_loads_method = NULL;
 /* Called by LLVMFuzzerTestOneInput for initialization */
@ -335,7 +335,7 @@ static int fuzz_sre_match(const char* data, size_t size) {
    return 0;
 }

-#define MAX_CSV_TEST_SIZE 0x10000
+#define MAX_CSV_TEST_SIZE 0x100000
 PyObject* csv_module = NULL;
 PyObject* csv_error = NULL;
 /* Called by LLVMFuzzerTestOneInput for initialization */
@ -393,7 +393,7 @@ static int fuzz_csv_reader(const char* data, size_t size) {
    return 0;
 }

-#define MAX_AST_LITERAL_EVAL_TEST_SIZE 0x10000
+#define MAX_AST_LITERAL_EVAL_TEST_SIZE 0x100000
 PyObject* ast_literal_eval_method = NULL;
 /* Called by LLVMFuzzerTestOneInput for initialization */
 static int init_ast_literal_eval(void) {
@ -459,6 +459,9 @@ int LLVMFuzzerInitialize(int *argc, char ***argv) {
    PyConfig config;
    PyConfig_InitPythonConfig(&config);
    config.install_signal_handlers = 0;
+    /* Raise the limit above the default allows exercising larger things
+     * now that we fall back to the _pylong module for large values. */
+    config.int_max_str_digits = 8086;
    PyStatus status;
    status = PyConfig_SetBytesString(&config, &config.program_name, *argv[0]);
    if (PyStatus_Exception(status)) {