From a3978b24b81c568411a1680e0f72079a04eea7ab Mon Sep 17 00:00:00 2001
From: Andrew Gallant
Date: Thu, 18 May 2023 10:02:28 -0400
Subject: [PATCH] fuzz: set a size limit

Otherwise it's possible for the fuzzer to build a regex that is big enough to timeout on a big haystack.
---
 fuzz/fuzz_targets/fuzz_regex_match.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/fuzz/fuzz_targets/fuzz_regex_match.rs b/fuzz/fuzz_targets/fuzz_regex_match.rs
index bd9eefad54..2f61953343 100644
--- a/fuzz/fuzz_targets/fuzz_regex_match.rs
+++ b/fuzz/fuzz_targets/fuzz_regex_match.rs
@@ -14,7 +14,9 @@ fuzz_target!(|data: &[u8]| {
 let char_index = data.char_indices().nth(split_off_point);
 if let Some((char_index, _)) = char_index {
 let (pattern, input) = data.split_at(char_index);
- if let Ok(re) = regex::Regex::new(pattern) {
+ let result =
+ regex::RegexBuilder::new(pattern).size_limit(1 << 20).build();
+ if let Ok(re) = result {
 re.is_match(input);
 }
 }
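Review bot: The `1 << 20` passed to `size_limit` on the new `RegexBuilder` line is an unexplained constant, and the reason for it is recorded only in the commit message. A comment above `let result =` would keep it with the code, e.g. `// Cap the compiled regex at 1 MiB so an oversized program cannot time out on a large haystack.` Because `if let Ok(re) = result` treats every build error alike, patterns that exceed the cap are now skipped silently, just like syntax errors, so this target no longer exercises matching on larger programs; the comment should say that too. The cap bounds only the compiled regex, while the length of `input` is not limited in the visible lines, so if timeouts recur the haystack length (presumably bounded only by the fuzzer's maximum input length) is the other factor to check. The `fuzz_target!` closure starts before and closes after this hunk.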