fuzz: cleans all flow after one run

Makes the fuzz target more stateless And manages to find bugs on the FlowFree path
3 years ago · e2370d6861
parent add1a0f561
commit e2370d6861
1 changed files with 12 additions and 0 deletions
--- a/src/tests/fuzz/fuzz_predefpcap_aware.c
+++ b/src/tests/fuzz/fuzz_predefpcap_aware.c
@ -22,6 +22,7 @@
 #include "util-unittest-helper.h"
 #include "conf-yaml-loader.h"
 #include "pkt-var.h"
+#include "flow-util.h"

 #include <fuzz_pcap.h>

@ -142,6 +143,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
        p->pcap_cnt = pcap_cnt;
    }
    PacketFree(p);
+    for (uint32_t u = 0; u < flow_config.hash_size; u++) {
+        Flow *f = flow_hash[u].head;
+        while (f) {
+            Flow *n = f->next;
+            uint8_t proto_map = FlowGetProtoMapping(f->proto);
+            FlowClearMemory(f, proto_map);
+            FlowFree(f);
+            f = n;
+        }
+        flow_hash[u].head = NULL;
+    }

    return 0;
 }