Crudely limit the use of . when fuzzing. Change-Id: I16f0512280d02742771cf025a78e018b19279372 Reviewed-on: https://code-review.googlesource.com/33190 Reviewed-by: Paul Wankadia <junyer@google.com>

commit: bfe29206c269ec6b28d14c6df2b390bd457855b9 [log] [tgz]
author: Paul Wankadia <junyer@google.com> Wed Sep 19 01:00:45 2018 -0700
committer: Paul Wankadia <junyer@google.com> Wed Sep 19 08:02:24 2018 +0000
tree: 62bc5864ee8303f88b320b8ca0d18649d29dcc9f
parent: 4c916c947ab7f2ba2d280bb8c87540c365d30695 [diff]
diff --git a/re2/fuzzing/re2_fuzzer.cc b/re2/fuzzing/re2_fuzzer.cc
index 1ff2327..3ce4d1b 100644
--- a/re2/fuzzing/re2_fuzzer.cc
+++ b/re2/fuzzing/re2_fuzzer.cc

@@ -59,14 +59,17 @@
   if (size == 0 || size > 999)
     return 0;
 
-  // Crudely limit the use of \p and \P.
+  // Crudely limit the use of ., \p and \P.
   // Otherwise, we will waste time on inputs that have long runs of Unicode
   // character classes. The fuzzer has shown itself to be easily capable of
   // generating such patterns that fall within the other limits, but result
   // in timeouts nonetheless. The marginal cost is high - even more so when
   // counted repetition is involved - whereas the marginal benefit is zero.
+  int dot = 0;
   int backslash_p = 0;
   for (size_t i = 0; i < size; i++) {
+    if (data[i] == '.')
+      dot++;
     if (data[i] != '\\')
       continue;
     i++;
@@ -75,6 +78,8 @@
     if (data[i] == 'p' || data[i] == 'P')
       backslash_p++;
   }
+  if (dot > 99)
+    return 0;
   if (backslash_p > 1)
     return 0;
commit	bfe29206c269ec6b28d14c6df2b390bd457855b9	[log] [tgz]
author	Paul Wankadia <junyer@google.com>	Wed Sep 19 01:00:45 2018 -0700
committer	Paul Wankadia <junyer@google.com>	Wed Sep 19 08:02:24 2018 +0000
tree	62bc5864ee8303f88b320b8ca0d18649d29dcc9f
parent	4c916c947ab7f2ba2d280bb8c87540c365d30695 [diff]