asadbek064/quickjs
1
Fork 0
mirror of https://github.com/bellard/quickjs.git synced 2026-03-31 12:18:01 +00:00
Code Issues Actions Projects Releases Wiki Activity

fix: resolve high vulnerability V-001

Browse Source 
Automatically generated security fix
This commit is contained in:
orbisai0security 2025-12-31 09:11:45 +00:00
parent f1139494d1
commit 07e50cc634
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
fuzz/fuzz_eval.c
View File

@ -26,7 +26,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
return 0;
JSRuntime *rt = JS_NewRuntime();
if (!rt)
return 0;
// Set resource limits immediately after runtime creation to prevent resource exhaustion
JS_SetMemoryLimit(rt, 0x4000000); // 64 MB memory limit
JS_SetMaxStackSize(rt, 0x10000); // 64 KB stack limit
JS_SetGCThreshold(rt, 0x400000); // 4 MB GC threshold
JSContext *ctx = JS_NewContext(rt);
if (!ctx) {
JS_FreeRuntime(rt);
return 0;
}
test_one_input_init(rt, ctx);
uint8_t *null_terminated_data = malloc(size + 1);