yhirose 2d2efe46da Fix OSS-Fuzz #508342856: cap Content-Length reservation by payload_max_length_ ...

A malicious or malformed server response with an enormous Content-Length
header (e.g. 20000000000) caused the client to call res.body.reserve(len)
with the untrusted value, triggering OOM before read_content's
payload_max_length_ check could take effect. Cap the pre-reservation
at payload_max_length_, since reading more than that is never useful.

2026-05-01 21:28:57 +09:00

..

corpus

Fix OSS-Fuzz #508342856: cap Content-Length reservation by payload_max_length_

2026-05-01 21:28:57 +09:00

client_fuzzer.cc

Add client fuzzing harness (#2437)

2026-04-29 11:05:29 +09:00

CMakeLists.txt

Run fuzz test in CTest (#1707)

2023-11-09 19:35:15 -05:00

header_parser_fuzzer.cc

Add two new fuzzers (#2412)

2026-03-28 15:00:10 -04:00

Makefile

Add client fuzzing harness (#2437)

2026-04-29 11:05:29 +09:00

server_fuzzer.cc

Refactor streams: rename is_* to wait_* for clarity (#2069)

2025-02-20 12:56:39 -05:00

server_fuzzer.dict

Add cpp-httplib to oss-fuzz (#684)

2020-10-15 08:11:40 -04:00

standalone_fuzz_target_runner.cpp

Include missing stdint.h on fuzz test (#1700)

2023-10-29 19:26:06 -04:00

url_parser_fuzzer.cc

Add two new fuzzers (#2412)

2026-03-28 15:00:10 -04:00