Crudely limit the use of \p and \P when fuzzing.
Change-Id: I7456324a2a412971a584f380489a6cc207892224
Reviewed-on: https://code-review.googlesource.com/18890
Reviewed-by: Paul Wankadia <junyer@google.com>
diff --git a/re2/fuzzing/re2_fuzzer.cc b/re2/fuzzing/re2_fuzzer.cc
index 7c48466..1da7a1f 100644
--- a/re2/fuzzing/re2_fuzzer.cc
+++ b/re2/fuzzing/re2_fuzzer.cc
@@ -59,6 +59,15 @@
if (size == 0 || size > 1024)
return 0;
+ // Crudely limit the use of \p and \P.
+ int backslash_p = 0;
+ for (size_t i = 0; i < size; i++) {
+ if (data[i] == '\\' && i+1 < size && (data[i+1] == 'p' || data[i+1] == 'P'))
+ backslash_p++;
+ }
+ if (backslash_p > 10)
+ return 0;
+
// The one-at-a-time hash by Bob Jenkins.
uint32_t hash = 0;
for (size_t i = 0; i < size; i++) {
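Review bot: The comment on the added block says what is limited but not why, and the cut-off in `if (backslash_p > 10)` is a bare literal, so a later reader cannot tell what cost the limit bounds or how the number was chosen. I would name the constant, e.g. `static const int kMaxBackslashP = 10;`, and extend the comment with the reason (presumably the expense of expanding Unicode classes, which the hunk does not state) and with the consequence that patterns holding more than ten such escapes are never exercised by this harness. The byte-pair test on the `data[i] == '\\'` line also counts an escaped backslash followed by a literal `p` (the bytes `\\p`), so some harmless inputs are skipped as well. That is acceptable for a crude filter, but one line in the comment should say so. The enclosing function starts above the hunk and continues past its last line.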