From 2faf75e8e4009e723e9dafec127e254c3130562b Mon Sep 17 00:00:00 2001
From: flamingcow <flamingcow@gmail.com>
Date: Sat, 4 May 2019 19:42:37 -0700
Subject: [PATCH] Fix crashes in FCGI_PARAMS parsing

---
 .gitignore                                    |   1 +
 afl_state/findings/.cur_input                 |   1 -
 ...4facd0b71dab94c2ad5429ea984adc6d956dd5ca9b | Bin 0 -> 56 bytes
 ...ea99efcc84b399830c182e254acd2fe7425ad7295c | Bin 0 -> 64 bytes
 ...c6cdd48e2c2cb3edea6409fe8a5fc7995053dbad2f | Bin 0 -> 12 bytes
 ...5919621c9ca9c69274e9fe783f83b1955c6a3834ed | Bin 0 -> 26 bytes
 ...fe0b32978ec9a2be7be9ff34bae833add689341f02 | Bin 0 -> 30 bytes
 ...6e3feb1ba3453e38ef08361030ac38525e924c7f92 | Bin 0 -> 51 bytes
 ...eb0604d0dac5706298cbcf077c1721c7c1882fcf9c | Bin 0 -> 16 bytes
 ...dc2c7683b9d90a9f5afc9c3f5757c0d938ad8366f5 | Bin 0 -> 96 bytes
 ...4108b99be5946bf825d6130addbbe78b5d9f0cd57e | Bin 0 -> 28 bytes
 ...35aa3ed130c8bc84de90d6a303914873eac5977f93 | Bin 0 -> 12 bytes
 ...b80e0ca4b1c9653ee3bd97b8d5154fa30422d0658d | Bin 0 -> 88 bytes
 ...7188e40f5b7347a7ec41017089f9d8770747367b2d | Bin 0 -> 46 bytes
 ...1758d617f90faf8a40725bbfb4223049c86dd5d347 | Bin 0 -> 34 bytes
 ...13e0511d78f55676f00398e1b1b629f2ca8da98a78 | Bin 0 -> 16 bytes
 ...b53c21516982a56b70222a4d96b130171228bcf37c |   1 +
 ...e7a2a711bc1a7d40abc5bd08a30e1e689b2b5eddf1 | Bin 0 -> 56 bytes
 ...842a003ed5adbd1f76736def3410371a69e74ef2ec | Bin 0 -> 64 bytes
 ...aea9432ca3936c87c57b4a1690e1265bafdb77ffa0 | Bin 0 -> 56 bytes
 ...6892c0e738bacf61785df911c84865f698d64804f3 | Bin 0 -> 24 bytes
 ...766c6ec8664d2144e73199872f08078b0f08824881 | Bin 0 -> 40 bytes
 ...3033789838bd6f30ca7af2ed154105ab855e3e5c84 | Bin 0 -> 56 bytes
 ...4ac302d0907d579754530536c1d465f2ec1655fff4 | Bin 0 -> 68 bytes
 ...2cc511df58d0df522fbf5d37810d1223bfdb0cef77 | Bin 0 -> 24 bytes
 ...b649c2893b7f7980cacf2e44e5f040e27527f0194c | Bin 0 -> 72 bytes
 ...5039abf9c457e43d59ac005bdd3b6d1052e534da4d | Bin 0 -> 12 bytes
 ...a62362f232282bc3240bf582536e635a17fe35042f | Bin 0 -> 12 bytes
 ...ff2c1829d1ebc156c35b1b20eae6a0a6cc8683ae50 | Bin 0 -> 24 bytes
 ...c2e439c6f112a140debe7df35a94c0e12905f60352 | Bin 0 -> 63 bytes
 ...aac6a142e67878600b095d933ec51824bc421f9cea | Bin 0 -> 40 bytes
 ...b0e3dac25fdfae66c237994d344e098dcacf3eaf82 | Bin 0 -> 54 bytes
 ...32b162f39c42c68baf6794628c2102a91246811399 | Bin 0 -> 56 bytes
 ...7a3ca1a7c2fc9645a845eb1f5855357403f057dd0e | Bin 0 -> 56 bytes
 ...5bdbffdd8e8d0affa8c62a6b4482a1dad1cdb2ee8a | Bin 0 -> 64 bytes
 ...621bb57dd1a1117b67ecc14b69a4ad37407042e5e6 | Bin 0 -> 71 bytes
 ...796d78dccdf1352f23cd32812f4850b878ae4944c} |   0
 ...817a91c5a678add1f95e58d243a0af0ad0867f1b6c | Bin 0 -> 32 bytes
 ...4c4117b7be1d059dbcc757a9a8c147e635e9792ac7 | Bin 0 -> 8 bytes
 ...fae49524a9c826d0969596af177ef04e815e7e0ece | Bin 0 -> 96 bytes
 ...012b41979626fcaedcf770b7569e8ee1e4b4103376 | Bin 0 -> 36 bytes
 ...0be39b9c1081426c6e4ef6cf9a512581be9fe65228 | Bin 0 -> 32 bytes
 ...fb9ab285b3bfc465a70cb46021365a0c674633708d | Bin 0 -> 95 bytes
 ...1703638c71af9afd156429995e262a73275ed5c7da | Bin 0 -> 16 bytes
 ...e05e05427ce5a777b22909b457715f3c62786b99eb | Bin 0 -> 73 bytes
 ...d38b2d5e435397ea9fece64ddcefe8c3706b09e01b | Bin 0 -> 54 bytes
 ...1391f6992a6ef0ba8ff73bfe2bbf8777884a85622e | Bin 0 -> 36 bytes
 ...2b862393c88cbd60d8f01186e65570b1aa392c1174 | Bin 0 -> 32 bytes
 ...852a511899a22dbc167f6f65a75571ebc1e94be132 | Bin 0 -> 56 bytes
 ...2debd26a8ac7faeec5281857ce5674912db288bae9 | Bin 0 -> 96 bytes
 ...7d815aa3909aa87982decd25b2aa567e42731291fa | Bin 0 -> 24 bytes
 ...cf55080db3caea50721a193cb9480b9a5f66f69287 | Bin 0 -> 32 bytes
 ...e7e566f03990c125cd1be0cdb05731aeaf0645f8f5 | Bin 0 -> 40 bytes
 buffer.cc                                     |   4 +++-
 fastcgi_conn.cc                               |  21 ++++++++++++++++--
 55 files changed, 24 insertions(+), 4 deletions(-)
 delete mode 100644 afl_state/findings/.cur_input
 create mode 100644 afl_state/testcases/05d1f668cd963bf49f47844facd0b71dab94c2ad5429ea984adc6d956dd5ca9b
 create mode 100644 afl_state/testcases/0b0f255381504c76a1b728ea99efcc84b399830c182e254acd2fe7425ad7295c
 create mode 100644 afl_state/testcases/0f1ef62c369a1dca195251c6cdd48e2c2cb3edea6409fe8a5fc7995053dbad2f
 create mode 100644 afl_state/testcases/183c87507cca2e58c6b4085919621c9ca9c69274e9fe783f83b1955c6a3834ed
 create mode 100644 afl_state/testcases/2e31aabc5c982b210e804dfe0b32978ec9a2be7be9ff34bae833add689341f02
 create mode 100644 afl_state/testcases/2e4bc7036b455c6af4cd026e3feb1ba3453e38ef08361030ac38525e924c7f92
 create mode 100644 afl_state/testcases/31ae4c7e435bb7d8de92a2eb0604d0dac5706298cbcf077c1721c7c1882fcf9c
 create mode 100644 afl_state/testcases/329ee899f9c05b1b7c667adc2c7683b9d90a9f5afc9c3f5757c0d938ad8366f5
 create mode 100644 afl_state/testcases/37c3830863a204dd98320e4108b99be5946bf825d6130addbbe78b5d9f0cd57e
 create mode 100644 afl_state/testcases/37f29950791214cfd51e2135aa3ed130c8bc84de90d6a303914873eac5977f93
 create mode 100644 afl_state/testcases/38d9b0fe0ad2cc29bee945b80e0ca4b1c9653ee3bd97b8d5154fa30422d0658d
 create mode 100644 afl_state/testcases/5610128e4ee368a2cfc0327188e40f5b7347a7ec41017089f9d8770747367b2d
 create mode 100644 afl_state/testcases/596c0979bb71b205ebcf361758d617f90faf8a40725bbfb4223049c86dd5d347
 create mode 100644 afl_state/testcases/5b99a2a9dab87070274cdc13e0511d78f55676f00398e1b1b629f2ca8da98a78
 create mode 100644 afl_state/testcases/5d86ac01a848cb9448a52eb53c21516982a56b70222a4d96b130171228bcf37c
 create mode 100644 afl_state/testcases/62bbe4acaa41e4583b7e4fe7a2a711bc1a7d40abc5bd08a30e1e689b2b5eddf1
 create mode 100644 afl_state/testcases/64eb9b238392dd1ea64ef4842a003ed5adbd1f76736def3410371a69e74ef2ec
 create mode 100644 afl_state/testcases/6c6fde56a069da5c7c1166aea9432ca3936c87c57b4a1690e1265bafdb77ffa0
 create mode 100644 afl_state/testcases/7274b74610714c2f70898a6892c0e738bacf61785df911c84865f698d64804f3
 create mode 100644 afl_state/testcases/76c797962018c090a47262766c6ec8664d2144e73199872f08078b0f08824881
 create mode 100644 afl_state/testcases/7b0db3d789eeead3c8e8fc3033789838bd6f30ca7af2ed154105ab855e3e5c84
 create mode 100644 afl_state/testcases/7e05276ed16dd1939201714ac302d0907d579754530536c1d465f2ec1655fff4
 create mode 100644 afl_state/testcases/82a2b4746b1355713ec9952cc511df58d0df522fbf5d37810d1223bfdb0cef77
 create mode 100644 afl_state/testcases/8934c53052b5fb1aaacc42b649c2893b7f7980cacf2e44e5f040e27527f0194c
 create mode 100644 afl_state/testcases/8c391e83779d90d9cc43125039abf9c457e43d59ac005bdd3b6d1052e534da4d
 create mode 100644 afl_state/testcases/96ab87ec2e164061fb1155a62362f232282bc3240bf582536e635a17fe35042f
 create mode 100644 afl_state/testcases/988798fe1eb04f4992832eff2c1829d1ebc156c35b1b20eae6a0a6cc8683ae50
 create mode 100644 afl_state/testcases/9dfa485e5c259aa7f78782c2e439c6f112a140debe7df35a94c0e12905f60352
 create mode 100644 afl_state/testcases/9e19223af709bbe59fe61faac6a142e67878600b095d933ec51824bc421f9cea
 create mode 100644 afl_state/testcases/a5bf1ddf64dacb80ee8b9eb0e3dac25fdfae66c237994d344e098dcacf3eaf82
 create mode 100644 afl_state/testcases/a79410d504a36359bbcf9132b162f39c42c68baf6794628c2102a91246811399
 create mode 100644 afl_state/testcases/accf4d00eddcb8470f43ac7a3ca1a7c2fc9645a845eb1f5855357403f057dd0e
 create mode 100644 afl_state/testcases/b38c2393d62a261eee5d355bdbffdd8e8d0affa8c62a6b4482a1dad1cdb2ee8a
 create mode 100644 afl_state/testcases/b48f818f87b59d4f2b8f77621bb57dd1a1117b67ecc14b69a4ad37407042e5e6
 rename afl_state/testcases/{foo => b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c} (100%)
 create mode 100644 afl_state/testcases/b6c95edb3fbfa49a4600fc817a91c5a678add1f95e58d243a0af0ad0867f1b6c
 create mode 100644 afl_state/testcases/be6422db2a25cf3bf3978d4c4117b7be1d059dbcc757a9a8c147e635e9792ac7
 create mode 100644 afl_state/testcases/c1762d24b5869ec9d1ed96fae49524a9c826d0969596af177ef04e815e7e0ece
 create mode 100644 afl_state/testcases/c19b5f6f629f095fe1a734012b41979626fcaedcf770b7569e8ee1e4b4103376
 create mode 100644 afl_state/testcases/c2a618b8d93fe78ba6a08a0be39b9c1081426c6e4ef6cf9a512581be9fe65228
 create mode 100644 afl_state/testcases/c79b1988214eee72802da4fb9ab285b3bfc465a70cb46021365a0c674633708d
 create mode 100644 afl_state/testcases/cceab84c133ea0ea0f2ff91703638c71af9afd156429995e262a73275ed5c7da
 create mode 100644 afl_state/testcases/cf07336e51086b1689ee97e05e05427ce5a777b22909b457715f3c62786b99eb
 create mode 100644 afl_state/testcases/d0b7f6589261a4134c00b4d38b2d5e435397ea9fece64ddcefe8c3706b09e01b
 create mode 100644 afl_state/testcases/d1e717630c61289df829791391f6992a6ef0ba8ff73bfe2bbf8777884a85622e
 create mode 100644 afl_state/testcases/d9a4df9abb132f1dabde212b862393c88cbd60d8f01186e65570b1aa392c1174
 create mode 100644 afl_state/testcases/dc2ac18b3866d569c8dc30852a511899a22dbc167f6f65a75571ebc1e94be132
 create mode 100644 afl_state/testcases/df14b6bdb051e7242051d12debd26a8ac7faeec5281857ce5674912db288bae9
 create mode 100644 afl_state/testcases/e2b69890a2ad75f448667f7d815aa3909aa87982decd25b2aa567e42731291fa
 create mode 100644 afl_state/testcases/e8ab63bb5116dd865bd13bcf55080db3caea50721a193cb9480b9a5f66f69287
 create mode 100644 afl_state/testcases/f3bd6fa4b553785dc2862ee7e566f03990c125cd1be0cdb05731aeaf0645f8f5

diff --git a/.gitignore b/.gitignore
index f9b9eeb..a4e457f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ example_clock
 example_simple
 fastcgi_conn_afl
 *.o
+afl_state/findings
diff --git a/afl_state/findings/.cur_input b/afl_state/findings/.cur_input
deleted file mode 100644
index b1d81e7..0000000
--- a/afl_state/findings/.cur_input
+++ /dev/null
@@ -1 +0,0 @@
-Ÿ
\ No newline at end of file
diff --git a/afl_state/testcases/05d1f668cd963bf49f47844facd0b71dab94c2ad5429ea984adc6d956dd5ca9b b/afl_state/testcases/05d1f668cd963bf49f47844facd0b71dab94c2ad5429ea984adc6d956dd5ca9b
new file mode 100644
index 0000000000000000000000000000000000000000..7237baaf472658a033560561379891e466e7aed4
GIT binary patch
literal 56
qcmZQ%WN={MV31>AWME)uU|?Wm0rDk)G`ct|P#g>#elak7c?|$r<OPoa

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/0b0f255381504c76a1b728ea99efcc84b399830c182e254acd2fe7425ad7295c b/afl_state/testcases/0b0f255381504c76a1b728ea99efcc84b399830c182e254acd2fe7425ad7295c
new file mode 100644
index 0000000000000000000000000000000000000000..05a03f88b3b76fe42b2542ae83e5cf0e978952b7
GIT binary patch
literal 64
icmZQ%WN={M0AfZ4Fkobb@|i*0FRvMK$%EB@c?|%MBn9;V

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/0f1ef62c369a1dca195251c6cdd48e2c2cb3edea6409fe8a5fc7995053dbad2f b/afl_state/testcases/0f1ef62c369a1dca195251c6cdd48e2c2cb3edea6409fe8a5fc7995053dbad2f
new file mode 100644
index 0000000000000000000000000000000000000000..214d5ccef17728c6e2198a5af9c2477611c372b4
GIT binary patch
literal 12
PcmZQ%00Kq^Mi2l104@Ls

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/183c87507cca2e58c6b4085919621c9ca9c69274e9fe783f83b1955c6a3834ed b/afl_state/testcases/183c87507cca2e58c6b4085919621c9ca9c69274e9fe783f83b1955c6a3834ed
new file mode 100644
index 0000000000000000000000000000000000000000..59cd8b7da005d70c45d92dd88395a797bd1f85a0
GIT binary patch
literal 26
ccmZQ%WN={M0Afa21_lKN21Zs88z}S|021v2LjV8(

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/2e31aabc5c982b210e804dfe0b32978ec9a2be7be9ff34bae833add689341f02 b/afl_state/testcases/2e31aabc5c982b210e804dfe0b32978ec9a2be7be9ff34bae833add689341f02
new file mode 100644
index 0000000000000000000000000000000000000000..b1ea4faba427f437722b3e75982c2f803a595469
GIT binary patch
literal 30
acmZQ%WDsEBU`S$M6bxoi`0@>f`x*c_`vlhj

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/2e4bc7036b455c6af4cd026e3feb1ba3453e38ef08361030ac38525e924c7f92 b/afl_state/testcases/2e4bc7036b455c6af4cd026e3feb1ba3453e38ef08361030ac38525e924c7f92
new file mode 100644
index 0000000000000000000000000000000000000000..bad7e4ca343cb9f598805d58a70a79070df54b9f
GIT binary patch
literal 51
lcmZQ%WN={M0Afal7Ysna$O>iy8E6t;UNbN#0u_9D4FGh-2MquK

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/31ae4c7e435bb7d8de92a2eb0604d0dac5706298cbcf077c1721c7c1882fcf9c b/afl_state/testcases/31ae4c7e435bb7d8de92a2eb0604d0dac5706298cbcf077c1721c7c1882fcf9c
new file mode 100644
index 0000000000000000000000000000000000000000..dde783a549deb111acbbbc1b3ac1b19221d6d08b
GIT binary patch
literal 16
TcmZQ%WN={M0AdiW@Z~iC3V{O4

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/329ee899f9c05b1b7c667adc2c7683b9d90a9f5afc9c3f5757c0d938ad8366f5 b/afl_state/testcases/329ee899f9c05b1b7c667adc2c7683b9d90a9f5afc9c3f5757c0d938ad8366f5
new file mode 100644
index 0000000000000000000000000000000000000000..48ec50eda2fe99011b74a21bba3b256a4f581e9d
GIT binary patch
literal 96
kcmZQ%WN={M0AfZ4Fkobb@|i*0FRvNNlK=nze?3G$0D<!iD*ylh

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/37c3830863a204dd98320e4108b99be5946bf825d6130addbbe78b5d9f0cd57e b/afl_state/testcases/37c3830863a204dd98320e4108b99be5946bf825d6130addbbe78b5d9f0cd57e
new file mode 100644
index 0000000000000000000000000000000000000000..41cc8446d9f7ec059e3986009ecdcd7126f19db3
GIT binary patch
literal 28
acmZQ%WN={M0AfZ4FkoZ>vY9~4FRuX+_X4s2

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/37f29950791214cfd51e2135aa3ed130c8bc84de90d6a303914873eac5977f93 b/afl_state/testcases/37f29950791214cfd51e2135aa3ed130c8bc84de90d6a303914873eac5977f93
new file mode 100644
index 0000000000000000000000000000000000000000..301c53ea077a264af44fb069d3ba2330f5d6aa22
GIT binary patch
literal 12
QcmZQ%Wnf@nWMBjV003nG4FCWD

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/38d9b0fe0ad2cc29bee945b80e0ca4b1c9653ee3bd97b8d5154fa30422d0658d b/afl_state/testcases/38d9b0fe0ad2cc29bee945b80e0ca4b1c9653ee3bd97b8d5154fa30422d0658d
new file mode 100644
index 0000000000000000000000000000000000000000..d796ceb0eb636a7532477fdfeb03eaa00c76fe31
GIT binary patch
literal 88
tcmZQ%WN={MV31>AWME)uU|?Wm1@Z-e^m{Dggwz3zU|?|g#lZ08H2@%D2+9Be

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/5610128e4ee368a2cfc0327188e40f5b7347a7ec41017089f9d8770747367b2d b/afl_state/testcases/5610128e4ee368a2cfc0327188e40f5b7347a7ec41017089f9d8770747367b2d
new file mode 100644
index 0000000000000000000000000000000000000000..154e2d54baf466b19356513f02a5f193af601828
GIT binary patch
literal 46
qcmZQ%WN={M0AfZS1_lKN21ZsOTg(B(1c_!d0Ku2nQVby=`V0V2{{}Pw

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/596c0979bb71b205ebcf361758d617f90faf8a40725bbfb4223049c86dd5d347 b/afl_state/testcases/596c0979bb71b205ebcf361758d617f90faf8a40725bbfb4223049c86dd5d347
new file mode 100644
index 0000000000000000000000000000000000000000..aac48734f9bcb5f0b46d57a6f0a8b3bcd8487330
GIT binary patch
literal 34
dcmZQ%WN={M0AfZ)2Ot5X5*QS|0MTn80suUP2Lk{A

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/5b99a2a9dab87070274cdc13e0511d78f55676f00398e1b1b629f2ca8da98a78 b/afl_state/testcases/5b99a2a9dab87070274cdc13e0511d78f55676f00398e1b1b629f2ca8da98a78
new file mode 100644
index 0000000000000000000000000000000000000000..9283f6bbbc661fc89918624c315b7aeabefba6ac
GIT binary patch
literal 16
VcmZQ%WN={MU~pgr(F$K)0{{w%0?Ysa

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/5d86ac01a848cb9448a52eb53c21516982a56b70222a4d96b130171228bcf37c b/afl_state/testcases/5d86ac01a848cb9448a52eb53c21516982a56b70222a4d96b130171228bcf37c
new file mode 100644
index 0000000..2b08b35
--- /dev/null
+++ b/afl_state/testcases/5d86ac01a848cb9448a52eb53c21516982a56b70222a4d96b130171228bcf37c
@@ -0,0 +1 @@
+
9))))
\ No newline at end of file
diff --git a/afl_state/testcases/62bbe4acaa41e4583b7e4fe7a2a711bc1a7d40abc5bd08a30e1e689b2b5eddf1 b/afl_state/testcases/62bbe4acaa41e4583b7e4fe7a2a711bc1a7d40abc5bd08a30e1e689b2b5eddf1
new file mode 100644
index 0000000000000000000000000000000000000000..87dc32d8cd0507dc5a4539f8894610e601f2b4ee
GIT binary patch
literal 56
qcmZQ%WN={MV31>AWME)uU|?Wm0rL5PG`ct|P#g>#elak7c?|$qh6RNH

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/64eb9b238392dd1ea64ef4842a003ed5adbd1f76736def3410371a69e74ef2ec b/afl_state/testcases/64eb9b238392dd1ea64ef4842a003ed5adbd1f76736def3410371a69e74ef2ec
new file mode 100644
index 0000000000000000000000000000000000000000..d98c69a6145ce1730848591b3bc94a3e2c0e0a70
GIT binary patch
literal 64
kcmZQ%WN={M0AfZ4FkoZ_vL%3+8N~hanh~2kT>Y2V0Fl%N1poj5

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/6c6fde56a069da5c7c1166aea9432ca3936c87c57b4a1690e1265bafdb77ffa0 b/afl_state/testcases/6c6fde56a069da5c7c1166aea9432ca3936c87c57b4a1690e1265bafdb77ffa0
new file mode 100644
index 0000000000000000000000000000000000000000..5342190bfb3dc0035a93a3599aaa1abf9d9a3358
GIT binary patch
literal 56
qcmZQ%WN={MV31>AWME)uU|?Wm0rG)>5nY@WBF@0z@QZ=r%WD8uoCS9P

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/7274b74610714c2f70898a6892c0e738bacf61785df911c84865f698d64804f3 b/afl_state/testcases/7274b74610714c2f70898a6892c0e738bacf61785df911c84865f698d64804f3
new file mode 100644
index 0000000000000000000000000000000000000000..1f5d290da7dbeceb71ef96667182c8100bb4a266
GIT binary patch
literal 24
bcmZQ%WN={M0AfZ)2Oz<az@YHuH4p&+ASnfG

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/76c797962018c090a47262766c6ec8664d2144e73199872f08078b0f08824881 b/afl_state/testcases/76c797962018c090a47262766c6ec8664d2144e73199872f08078b0f08824881
new file mode 100644
index 0000000000000000000000000000000000000000..c7533cd809ff9b3c3b35dd396d382866042c4cb8
GIT binary patch
literal 40
bcmZQ%WN={M0AfZ4FknRCe|ZfN{qh<BG9m=k

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/7b0db3d789eeead3c8e8fc3033789838bd6f30ca7af2ed154105ab855e3e5c84 b/afl_state/testcases/7b0db3d789eeead3c8e8fc3033789838bd6f30ca7af2ed154105ab855e3e5c84
new file mode 100644
index 0000000000000000000000000000000000000000..03c68b9edc28940e6b8ffa08fff8eb767cde5066
GIT binary patch
literal 56
qcmZQ%WN={MV31>AWME)uU|?Wm1@Z-eG&XUd5(Wl`UknUiUIPGF^96_i

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/7e05276ed16dd1939201714ac302d0907d579754530536c1d465f2ec1655fff4 b/afl_state/testcases/7e05276ed16dd1939201714ac302d0907d579754530536c1d465f2ec1655fff4
new file mode 100644
index 0000000000000000000000000000000000000000..993b88b78d6c3e582224af8af8b9ecc188e9d4e6
GIT binary patch
literal 68
hcmZQ%WN={MV31>AWB>z3RxsZI#4iT|C?B8vYXF~S2A%)_

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/82a2b4746b1355713ec9952cc511df58d0df522fbf5d37810d1223bfdb0cef77 b/afl_state/testcases/82a2b4746b1355713ec9952cc511df58d0df522fbf5d37810d1223bfdb0cef77
new file mode 100644
index 0000000000000000000000000000000000000000..c06f5bc2b925e2228554a8406500a282deef8ae8
GIT binary patch
literal 24
YcmZQ%WN={M0AfZ4FkoZ_QD0sI01a#caR2}S

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/8934c53052b5fb1aaacc42b649c2893b7f7980cacf2e44e5f040e27527f0194c b/afl_state/testcases/8934c53052b5fb1aaacc42b649c2893b7f7980cacf2e44e5f040e27527f0194c
new file mode 100644
index 0000000000000000000000000000000000000000..7459af57d8141c8f30bc3b5345531f5340beba63
GIT binary patch
literal 72
icmZQ%WN={M0AfZ4Fkr;ZXJKIY@*1oNq8`BqiUR<hQU{O#

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/8c391e83779d90d9cc43125039abf9c457e43d59ac005bdd3b6d1052e534da4d b/afl_state/testcases/8c391e83779d90d9cc43125039abf9c457e43d59ac005bdd3b6d1052e534da4d
new file mode 100644
index 0000000000000000000000000000000000000000..28498f1d633bc1ca68c1e481828ba25e02d7a3f7
GIT binary patch
literal 12
QcmZQ%WME)mWMBjV0021v2><{9

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/96ab87ec2e164061fb1155a62362f232282bc3240bf582536e635a17fe35042f b/afl_state/testcases/96ab87ec2e164061fb1155a62362f232282bc3240bf582536e635a17fe35042f
new file mode 100644
index 0000000000000000000000000000000000000000..8c59f279379b23528777caab918dbf2bc2b19366
GIT binary patch
literal 12
QcmZQ%VPIfjWMBjV003G53;+NC

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/988798fe1eb04f4992832eff2c1829d1ebc156c35b1b20eae6a0a6cc8683ae50 b/afl_state/testcases/988798fe1eb04f4992832eff2c1829d1ebc156c35b1b20eae6a0a6cc8683ae50
new file mode 100644
index 0000000000000000000000000000000000000000..7c31a01cd201913858cf5fc800de574cea21d645
GIT binary patch
literal 24
acmZQ%WN={M0AfZ41_lKN21ZsO8;Af6xdAc&

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/9dfa485e5c259aa7f78782c2e439c6f112a140debe7df35a94c0e12905f60352 b/afl_state/testcases/9dfa485e5c259aa7f78782c2e439c6f112a140debe7df35a94c0e12905f60352
new file mode 100644
index 0000000000000000000000000000000000000000..5a91dc1595e99e1d3d016d8aa39e1c81b20917a3
GIT binary patch
literal 63
gcmZQ%WN={M0AfZ4Fkr;aw}r?<sV}b~iod)D09`5tn*aa+

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/9e19223af709bbe59fe61faac6a142e67878600b095d933ec51824bc421f9cea b/afl_state/testcases/9e19223af709bbe59fe61faac6a142e67878600b095d933ec51824bc421f9cea
new file mode 100644
index 0000000000000000000000000000000000000000..30e5d4933d04abc177d1498947fd8a6f99c8f187
GIT binary patch
literal 40
bcmZQ%WN={M0AfZ4FknRCe|ZfN{_+|CGAabt

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/a5bf1ddf64dacb80ee8b9eb0e3dac25fdfae66c237994d344e098dcacf3eaf82 b/afl_state/testcases/a5bf1ddf64dacb80ee8b9eb0e3dac25fdfae66c237994d344e098dcacf3eaf82
new file mode 100644
index 0000000000000000000000000000000000000000..f923801d0a738be9c9bfbd1657f4ea8d4cfb3509
GIT binary patch
literal 54
scmZQ%WN={M0AfZ41_lKN21ZsOn;%68B%2MCW%%-1ioucL%m2@>0cR=*XaE2J

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/a79410d504a36359bbcf9132b162f39c42c68baf6794628c2102a91246811399 b/afl_state/testcases/a79410d504a36359bbcf9132b162f39c42c68baf6794628c2102a91246811399
new file mode 100644
index 0000000000000000000000000000000000000000..9e89d113a516c544061bddf4b7a144bd73402d33
GIT binary patch
literal 56
qcmZQ%WN={MV31>AWME)uU|?Wm0rCZaG`ct|P#g>#elak7c?|$q%ms%4

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/accf4d00eddcb8470f43ac7a3ca1a7c2fc9645a845eb1f5855357403f057dd0e b/afl_state/testcases/accf4d00eddcb8470f43ac7a3ca1a7c2fc9645a845eb1f5855357403f057dd0e
new file mode 100644
index 0000000000000000000000000000000000000000..5a003a39f7616889d396ce72435156f0420a842d
GIT binary patch
literal 56
ncmZQ%WN={MV31>AWME)uU|?Wm1@eJ_5r;SfgTpTdhA*!HR>K8&

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/b38c2393d62a261eee5d355bdbffdd8e8d0affa8c62a6b4482a1dad1cdb2ee8a b/afl_state/testcases/b38c2393d62a261eee5d355bdbffdd8e8d0affa8c62a6b4482a1dad1cdb2ee8a
new file mode 100644
index 0000000000000000000000000000000000000000..5946af5bf0d96f2393d82b78e87768fb1b49100f
GIT binary patch
literal 64
mcmZQ%WN={M0AfZ4Fkobb@|l5Lg)a<f{MU?N^&i3NK^y?15(g>(

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/b48f818f87b59d4f2b8f77621bb57dd1a1117b67ecc14b69a4ad37407042e5e6 b/afl_state/testcases/b48f818f87b59d4f2b8f77621bb57dd1a1117b67ecc14b69a4ad37407042e5e6
new file mode 100644
index 0000000000000000000000000000000000000000..450c3908e4c210c492761de058b4776e795f99ee
GIT binary patch
literal 71
zcmZQ%WN={M0AfZ41_cHN21ZsOTN8-k0<VBvr~(Ftf3JaRfZz*IIgBU9@Z~iC)kF!E

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/foo b/afl_state/testcases/b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c
similarity index 100%
rename from afl_state/testcases/foo
rename to afl_state/testcases/b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c
diff --git a/afl_state/testcases/b6c95edb3fbfa49a4600fc817a91c5a678add1f95e58d243a0af0ad0867f1b6c b/afl_state/testcases/b6c95edb3fbfa49a4600fc817a91c5a678add1f95e58d243a0af0ad0867f1b6c
new file mode 100644
index 0000000000000000000000000000000000000000..c3ab671a65bb5e9f4b66d633307d65be2e23564a
GIT binary patch
literal 32
ZcmZQ%WN={M0AfZ4Fkl4p8=(9zuK^sN19kua

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/be6422db2a25cf3bf3978d4c4117b7be1d059dbcc757a9a8c147e635e9792ac7 b/afl_state/testcases/be6422db2a25cf3bf3978d4c4117b7be1d059dbcc757a9a8c147e635e9792ac7
new file mode 100644
index 0000000000000000000000000000000000000000..2cac643aba8a458a483e46ca81fb2373f7a8fe4b
GIT binary patch
literal 8
Pcma!_(a6wN))oW+4+aBG

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/c1762d24b5869ec9d1ed96fae49524a9c826d0969596af177ef04e815e7e0ece b/afl_state/testcases/c1762d24b5869ec9d1ed96fae49524a9c826d0969596af177ef04e815e7e0ece
new file mode 100644
index 0000000000000000000000000000000000000000..09775ef03c7547f01339dafbf3b038a03a7aadd7
GIT binary patch
literal 96
qcmZQ%WN={M0AfZ4FkoZ_vL%3+8N~hanh_!&iz3fKNE6JwFRuYk$_Xt1

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/c19b5f6f629f095fe1a734012b41979626fcaedcf770b7569e8ee1e4b4103376 b/afl_state/testcases/c19b5f6f629f095fe1a734012b41979626fcaedcf770b7569e8ee1e4b4103376
new file mode 100644
index 0000000000000000000000000000000000000000..858f5ead6c7f1658667da6f9b2b31bbab97bd6f4
GIT binary patch
literal 36
fcmZQ%WN={M0Afal7Ysna$O>iySzlg*_#hepK?VhR

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/c2a618b8d93fe78ba6a08a0be39b9c1081426c6e4ef6cf9a512581be9fe65228 b/afl_state/testcases/c2a618b8d93fe78ba6a08a0be39b9c1081426c6e4ef6cf9a512581be9fe65228
new file mode 100644
index 0000000000000000000000000000000000000000..b8d62a6d33bf25b0ab944dfbfac8bc60cfae4736
GIT binary patch
literal 32
hcmZQ%WN={MV31>AWME)uU|?Wm1@ghb5lDV{4FDYQ15f|}

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/c79b1988214eee72802da4fb9ab285b3bfc465a70cb46021365a0c674633708d b/afl_state/testcases/c79b1988214eee72802da4fb9ab285b3bfc465a70cb46021365a0c674633708d
new file mode 100644
index 0000000000000000000000000000000000000000..fb87ebbb6e9420d18185500ca628bc6d7721828b
GIT binary patch
literal 95
lcmZQ%WN={M0AfZ4Fkobb@|i*0FRvL%lZR_(WDo{v2LNBW2?GEC

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/cceab84c133ea0ea0f2ff91703638c71af9afd156429995e262a73275ed5c7da b/afl_state/testcases/cceab84c133ea0ea0f2ff91703638c71af9afd156429995e262a73275ed5c7da
new file mode 100644
index 0000000000000000000000000000000000000000..f8bd738fee5afffb3f66336604a8b6e443f282fb
GIT binary patch
literal 16
XcmZQ%WN={M;A~)EWbj~6`0^S64MPJQ

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/cf07336e51086b1689ee97e05e05427ce5a777b22909b457715f3c62786b99eb b/afl_state/testcases/cf07336e51086b1689ee97e05e05427ce5a777b22909b457715f3c62786b99eb
new file mode 100644
index 0000000000000000000000000000000000000000..4ff632a0d99064b3bde8a48d0bf1321ede987aa3
GIT binary patch
literal 73
tcmZQ%WN={MU`S$MWB>z3Rv=#jh?zm$FRvLP@(w8S96))vdNAY5YXHC|1}*>q

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/d0b7f6589261a4134c00b4d38b2d5e435397ea9fece64ddcefe8c3706b09e01b b/afl_state/testcases/d0b7f6589261a4134c00b4d38b2d5e435397ea9fece64ddcefe8c3706b09e01b
new file mode 100644
index 0000000000000000000000000000000000000000..41560620fd088e20dcaefc46331f7516053b57af
GIT binary patch
literal 54
bcmZQ%WN={M0AfZ4FkocG$NvIW^W`-FL16@a

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/d1e717630c61289df829791391f6992a6ef0ba8ff73bfe2bbf8777884a85622e b/afl_state/testcases/d1e717630c61289df829791391f6992a6ef0ba8ff73bfe2bbf8777884a85622e
new file mode 100644
index 0000000000000000000000000000000000000000..9fbf5fd1a93ed4ef010f759fd4863403c4c42dcb
GIT binary patch
literal 36
hcmZQ%WN={M0Afal7Ysna$O>iy87!|sd<KRuuK_o)1d0Fv

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/d9a4df9abb132f1dabde212b862393c88cbd60d8f01186e65570b1aa392c1174 b/afl_state/testcases/d9a4df9abb132f1dabde212b862393c88cbd60d8f01186e65570b1aa392c1174
new file mode 100644
index 0000000000000000000000000000000000000000..4643310fcffb10dc820eeac1ec050dd5cd2e1865
GIT binary patch
literal 32
fcmZQ%WN={M0AfZ4FkoZ>vVnku!I9zb|1Ylr9pnV{

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/dc2ac18b3866d569c8dc30852a511899a22dbc167f6f65a75571ebc1e94be132 b/afl_state/testcases/dc2ac18b3866d569c8dc30852a511899a22dbc167f6f65a75571ebc1e94be132
new file mode 100644
index 0000000000000000000000000000000000000000..4c384d6c482cbb678e6079f0426e8fddac23d2c3
GIT binary patch
literal 56
ncmZQ%WN={MV31>AWME)uU|?Wm0rG)>5r;SfgTpTdhA*!HR*eOA

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/df14b6bdb051e7242051d12debd26a8ac7faeec5281857ce5674912db288bae9 b/afl_state/testcases/df14b6bdb051e7242051d12debd26a8ac7faeec5281857ce5674912db288bae9
new file mode 100644
index 0000000000000000000000000000000000000000..38fdeeca6127cc225a68ffb7eb0375ae063d8f43
GIT binary patch
literal 96
vcmZQ%WN={M0AfZ4Fkobb@?ZY{|6kz?1C0M4U7i`F{L5=btong^>ml+0m39zD

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/e2b69890a2ad75f448667f7d815aa3909aa87982decd25b2aa567e42731291fa b/afl_state/testcases/e2b69890a2ad75f448667f7d815aa3909aa87982decd25b2aa567e42731291fa
new file mode 100644
index 0000000000000000000000000000000000000000..6bceb4bc3dead8c660b3163056574c5506af3aa9
GIT binary patch
literal 24
acmZQ%WN={M0AfZ41_lKN21XVj8;Af6vH>vw

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/e8ab63bb5116dd865bd13bcf55080db3caea50721a193cb9480b9a5f66f69287 b/afl_state/testcases/e8ab63bb5116dd865bd13bcf55080db3caea50721a193cb9480b9a5f66f69287
new file mode 100644
index 0000000000000000000000000000000000000000..50ef297981cb1689b1c19e2e66b4285981515aef
GIT binary patch
literal 32
dcmZQ%WN={M0AfZ4Fkoc)1?01*KzLtX0{|xb1RVeX

literal 0
HcmV?d00001

diff --git a/afl_state/testcases/f3bd6fa4b553785dc2862ee7e566f03990c125cd1be0cdb05731aeaf0645f8f5 b/afl_state/testcases/f3bd6fa4b553785dc2862ee7e566f03990c125cd1be0cdb05731aeaf0645f8f5
new file mode 100644
index 0000000000000000000000000000000000000000..03d99073a6984655e9938a4f11b8a90adc224caf
GIT binary patch
literal 40
ccmZQ%WN={M0AfZ4Fkoaw=6`t&5&iNS05X0A*#H0l

literal 0
HcmV?d00001

diff --git a/buffer.cc b/buffer.cc
index ee9b413..69d8e41 100644
--- a/buffer.cc
+++ b/buffer.cc
@@ -9,7 +9,9 @@ size_t ConstBuffer::ReadMaxLen() const {
 }
 
 const char *ConstBuffer::Read(size_t len) {
-	CHECK_LE(len, ReadMaxLen());
+	if (ReadMaxLen() < len) {
+		return nullptr;
+	}
 	const auto *ret = &const_buf_[start_];
 	start_ += len;
 	return ret;
diff --git a/fastcgi_conn.cc b/fastcgi_conn.cc
index 0760533..54fbccc 100644
--- a/fastcgi_conn.cc
+++ b/fastcgi_conn.cc
@@ -82,8 +82,25 @@ int FastCGIConn::Read() {
 				ConstBuffer param_buf(buf_.Read(header->ContentLength()), header->ContentLength());
 				while (param_buf.ReadMaxLen() > 0) {
 					const auto *param_header = param_buf.ReadObj<FastCGIParamHeader>();
-					std::string_view key(param_buf.Read(param_header->key_length), param_header->key_length);
-					std::string_view value(param_buf.Read(param_header->value_length), param_header->value_length);
+					if (!param_header) {
+						LOG(ERROR) << "FCGI_PARAMS missing header";
+						return sock_;
+					}
+
+					const auto *key_buf = param_buf.Read(param_header->key_length);
+					if (!key_buf) {
+						LOG(ERROR) << "FCGI_PARAMS missing key";
+						return sock_;
+					}
+					std::string_view key(key_buf, param_header->key_length);
+
+					const auto *value_buf = param_buf.Read(param_header->value_length);
+					if (!value_buf) {
+						LOG(ERROR) << "FCGI_PARAMS missing value";
+						return sock_;
+					}
+					std::string_view value(value_buf, param_header->value_length);
+
 					if (headers_.find(key) != headers_.end()) {
 						request_->AddParam(key, value);
 					}