syz-manager: check for the minimum reply buffer size

Closes #5176.
author: Aleksandr Nogikh <nogikh@google.com> 2024-08-13 20:29:15 +0200
committer: Aleksandr Nogikh <nogikh@google.com> 2024-08-14 06:00:45 +0000
commit: 07a4d4adf03055fcc6a37148e43d3c931eb168d6 (patch)
tree: 71c9c9e37343e784c784b9aa6dc1e0caca6b1edc /syz-manager/snapshot.go
parent: bde81f6f54f0b2fa4440884eeffa7db36b70f837 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/syz-manager/snapshot.go b/syz-manager/snapshot.go
index 52d3f02e2..ece7974f2 100644
--- a/syz-manager/snapshot.go
+++ b/syz-manager/snapshot.go
@@ -161,6 +161,11 @@ func (mgr *Manager) snapshotRun(inst *vm.Instance, builder *flatbuffers.Builder,
 }
 
 func parseExecResult(data []byte) *flatrpc.ExecResult {
+	if len(data) < flatbuffers.SizeUint32 {
+		return &flatrpc.ExecResult{
+			Error: "the buffer is too small",
+		}
+	}
 	raw, err := flatrpc.Parse[*flatrpc.ExecutorMessageRaw](data[flatbuffers.SizeUint32:])
 	if err != nil {
 		// Don't consider result parsing error as an infrastructure error,
author	Aleksandr Nogikh <nogikh@google.com>	2024-08-13 20:29:15 +0200
committer	Aleksandr Nogikh <nogikh@google.com>	2024-08-14 06:00:45 +0000
commit	07a4d4adf03055fcc6a37148e43d3c931eb168d6 (patch)
tree	71c9c9e37343e784c784b9aa6dc1e0caca6b1edc /syz-manager/snapshot.go
parent	bde81f6f54f0b2fa4440884eeffa7db36b70f837 (diff)