From c74d1a9d8f1430b4e4f3989b12b9953cbb8fed50 Mon Sep 17 00:00:00 2001
From: Cyrille Bagard
Date: Sun, 22 Oct 2023 20:51:23 +0200
Subject: Handle the case where no common item is found from an empty set.
---
 src/analysis/scan/items/maxcommon.c | 8 ++++++++
 tests/analysis/scan/fuzzing.py | 18 ++++++++++++++++++
 2 files changed, 26 insertions(+)
diff --git a/src/analysis/scan/items/maxcommon.c b/src/analysis/scan/items/maxcommon.c
index 2fe561f..e8c4db3 100644
--- a/src/analysis/scan/items/maxcommon.c
+++ b/src/analysis/scan/items/maxcommon.c
@@ -300,6 +300,12 @@ static bool g_scan_maxcommon_function_run_call(GScanMaxcommonFunction *item, GSc
 collected = malloc(arg0_count * sizeof(GScanExpression *));
 scores = malloc(arg0_count * sizeof(size_t));
+ if (arg0_count == 0)
+ {
+ best = 0;
+ goto quick_empty;
+ }
+
 for (i = 0; i < arg0_count; i++)
 {
 #ifndef NDEBUG
@@ -357,6 +363,8 @@ static bool g_scan_maxcommon_function_run_call(GScanMaxcommonFunction *item, GSc
 assert(best > 0);
+ quick_empty:
+
 *out = G_OBJECT(g_scan_literal_expression_new(LVT_UNSIGNED_INTEGER, (unsigned long long []){ best }));
 exit:
diff --git a/tests/analysis/scan/fuzzing.py b/tests/analysis/scan/fuzzing.py
index 61f4117..9572774 100644
--- a/tests/analysis/scan/fuzzing.py
+++ b/tests/analysis/scan/fuzzing.py
@@ -123,3 +123,21 @@ rule test {
 '''
 self.check_rule_success(rule)
+
+
+ def testNoCommon(self):
+ """Handle the case where no common item is found from an empty set."""
+
+ rule = '''
+rule test {
+
+ bytes:
+ $a = "a"
+
+ condition:
+ maxcommon($a) == 0
+
+}
+'''
+
+ self.check_rule_success(rule)
-- cgit v0.11.2-87-g4458
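Review bot: The new `if (arg0_count == 0)` guard in the first maxcommon.c hunk runs only after both `malloc(arg0_count * sizeof(...))` calls, so the empty case still requests zero bytes, whose result is implementation-defined (NULL or a unique pointer), and neither allocation is checked for NULL in the visible lines. Testing the count first and setting `collected = NULL; scores = NULL;` before `goto quick_empty;` would make the early path independent of allocator behaviour, provided the cleanup after `exit:` tolerates NULL. The jump also skips everything up to the `quick_empty:` label added in the second hunk, so any counter or result flag the code after `exit:` reads must already be initialised before the guard. That cleanup and the start of the function lie outside both hunks, so this needs confirming against the full body.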
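Review bot: testNoCommon does not say why the set given to `maxcommon($a)` is empty. It appears to rely on the pattern `"a"` having no match in whatever content `check_rule_success` scans, which is not visible in this hunk. A comment above the `rule = '''` assignment, such as `# "a" must not occur in the scanned sample, so $a yields an empty set`, would keep this regression case from silently becoming a non-empty one if the sample changes. The docstring only repeats the commit subject; naming the failure it guards against (presumably the `assert(best > 0)` in maxcommon.c firing on an empty set) would tell a maintainer what a failure here means.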