diff options
-rw-r--r-- | src/analysis/scan/items/maxcommon.c | 8 | ||||
-rw-r--r-- | tests/analysis/scan/fuzzing.py | 18 |
2 files changed, 26 insertions, 0 deletions
diff --git a/src/analysis/scan/items/maxcommon.c b/src/analysis/scan/items/maxcommon.c index 2fe561f..e8c4db3 100644 --- a/src/analysis/scan/items/maxcommon.c +++ b/src/analysis/scan/items/maxcommon.c @@ -300,6 +300,12 @@ static bool g_scan_maxcommon_function_run_call(GScanMaxcommonFunction *item, GSc collected = malloc(arg0_count * sizeof(GScanExpression *)); scores = malloc(arg0_count * sizeof(size_t)); + if (arg0_count == 0) + { + best = 0; + goto quick_empty; + } + for (i = 0; i < arg0_count; i++) { #ifndef NDEBUG @@ -357,6 +363,8 @@ static bool g_scan_maxcommon_function_run_call(GScanMaxcommonFunction *item, GSc assert(best > 0); + quick_empty: + *out = G_OBJECT(g_scan_literal_expression_new(LVT_UNSIGNED_INTEGER, (unsigned long long []){ best })); exit: diff --git a/tests/analysis/scan/fuzzing.py b/tests/analysis/scan/fuzzing.py index 61f4117..9572774 100644 --- a/tests/analysis/scan/fuzzing.py +++ b/tests/analysis/scan/fuzzing.py @@ -123,3 +123,21 @@ rule test { ''' self.check_rule_success(rule) + + + def testNoCommon(self): + """Handle the case where no common item is found from an empty set.""" + + rule = ''' +rule test { + + bytes: + $a = "a" + + condition: + maxcommon($a) == 0 + +} +''' + + self.check_rule_success(rule) |