Make the fuzzer check for large substrings as soon as possible.
Change-Id: I53377057e57658b60ea707af171dff234d5699bb
Reviewed-on: https://code-review.googlesource.com/c/re2/+/39750
Reviewed-by: Paul Wankadia <junyer@google.com>
diff --git a/re2/fuzzing/re2_fuzzer.cc b/re2/fuzzing/re2_fuzzer.cc
index 2faebe0..061c418 100644
--- a/re2/fuzzing/re2_fuzzer.cc
+++ b/re2/fuzzing/re2_fuzzer.cc
@@ -22,25 +22,6 @@
if (!re.ok())
return;
- // Don't waste time fuzzing high-size programs.
- // They can cause bug reports due to fuzzer timeouts.
- int size = re.ProgramSize();
- if (size > 9999)
- return;
- int rsize = re.ReverseProgramSize();
- if (rsize > 9999)
- return;
-
- // Don't waste time fuzzing high-fanout programs.
- // They can cause bug reports due to fuzzer timeouts.
- std::map<int, int> histogram;
- int fanout = re.ProgramFanout(&histogram);
- if (fanout > 9)
- return;
- int rfanout = re.ReverseProgramFanout(&histogram);
- if (rfanout > 9)
- return;
-
// Don't waste time fuzzing programs with large substrings.
// They can cause bug reports due to fuzzer timeouts when they
// are repetitions (e.g. hundreds of NUL bytes) and matching is
@@ -63,6 +44,25 @@
}
}
+ // Don't waste time fuzzing high-size programs.
+ // They can cause bug reports due to fuzzer timeouts.
+ int size = re.ProgramSize();
+ if (size > 9999)
+ return;
+ int rsize = re.ReverseProgramSize();
+ if (rsize > 9999)
+ return;
+
+ // Don't waste time fuzzing high-fanout programs.
+ // They can cause bug reports due to fuzzer timeouts.
+ std::map<int, int> histogram;
+ int fanout = re.ProgramFanout(&histogram);
+ if (fanout > 9)
+ return;
+ int rfanout = re.ReverseProgramFanout(&histogram);
+ if (rfanout > 9)
+ return;
+
if (re.NumberOfCapturingGroups() == 0) {
// Avoid early return due to too many arguments.
StringPiece sp = text;