Restrict the size of string arguments in the hope of avoiding some
very common timeouts with pcre. If this doesn't work, the functions
need to be disabled entirely.

This is what we normally do for fatal errors. The reason why this
became necessary now is that a bailout can switch from a fiber
back to the main stack. In that case we do not want to try
destroying the fiber.
Fixes oss-fuzz #33917.

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway a server header "Location:" redirecting to https.
2. Update a few license 3.0 references to 3.01, as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments there is "at through the world-wide-web" while most are without "at", so deleted it.
4. Fixed indentation in some files before |

This PR corrects misspellings identified by the check-spelling action.
The misspellings have been reported at jsoref@b6ba3e2#commitcomment-48946465
The action reports that the changes in this PR would make it happy: jsoref@602417c
Closes GH-6822.

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.

While we limit the size of the main compilation input, the size
of eval inputs was not limited. This could result in stack
overflows, e.g. oss-fuzz #25464.

This is an end-to-end fuzzer that executes arbitrary PHP code.
We replace the executor with a finite-step executor to avoid
getting stuck in loops or recursion.

Unlike the straight unserialize fuzzer, this runs only on HashContexts,
and it does an update and finalize on the contexts it creates.
Co-authored-by: Nikita Popov <nikic@php.net>

At least one segfault observed because temp file creation failed.
Switch to using a memory stream, which should be more robust, and
more efficient for that matter.

For some patterns matching may take quite long even at retry limit
100000 and it seems that this is not easy to fix on the oniguruma
side.
Reduce the retry limit by another factor of 10 in the hope of reducing
timeouts.

* Avoid an unnecessary -lstdc++ dependency. It's not going to be
used in the end anyway, and is an unnecessary hassle to set up.
* Use $LIB_FUZZING_ENGINE instead of hardcoding -lFuzzingEngine.

We're getting some very large inputs (~500KB) on OSS-Fuzz, which
slow down performance a lot. Let's try limiting this, starting
with a still fairly large value of 64KB.
Also remove the max_execution_time limit, so that slow test cases
cause a genuine libfuzzer timeout and we may investigate them.