Reduce maxmimum BCF header len in fuzzer.

2GB is too high as bcf is loading multiple things and that's the limit of total memory, not per allocation.
samtools · Nov 22, 2023 · 52644e7 · 52644e7
1 parent f40f5ec
commit 52644e7
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/vcf.c b/vcf.c
@@ -1510,7 +1510,7 @@ bcf_hdr_t *bcf_hdr_read(htsFile *hfp)
     hlen = buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((size_t) buf[3] << 24);
     if (hlen >= SIZE_MAX) { errno = ENOMEM; goto fail; }
 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-    if (hlen > FUZZ_ALLOC_LIMIT) { errno = ENOMEM; goto fail; }
+    if (hlen > FUZZ_ALLOC_LIMIT/2) { errno = ENOMEM; goto fail; }
 #endif
     htxt = (char*)malloc(hlen + 1);
     if (!htxt) goto fail;