From aacae6444ee1f8efd79dc706f3a4ebb73962de5f Mon Sep 17 00:00:00 2001
From: cpq
Date: Sat, 15 Oct 2022 12:54:56 +0100
Subject: [PATCH] Fix stack overflow in fuzzer - too big on-stack array
---
 mongoose.c | 1 +
 test/fuzz.c | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/mongoose.c b/mongoose.c
index 971cda15..ee00a90c 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -5614,6 +5614,7 @@ uint64_t mg_millis(void) {
 }
 #endif
+
 #ifdef MG_ENABLE_LINES
 #line 1 "src/ws.c"
 #endif
diff --git a/test/fuzz.c b/test/fuzz.c
index df9bc033..be35d051 100644
--- a/test/fuzz.c
+++ b/test/fuzz.c
@@ -67,7 +67,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     if_init(ifp, &mgr, &cfg, &mip_driver_mock, NULL, pktlen, 0);
     // Make a copy of the random data, in order to modify it
-    uint8_t pkt[size];
+    uint8_t *pkt = malloc(size);
     struct eth *eth = (struct eth *) pkt;
     memcpy(pkt, data, size);
     if (size > sizeof(*eth)) {
@@ -81,6 +81,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     mip_rx(ifp, (void *) pkt, size);
     mgr.priv = NULL; // Don't let Mongoose free() ifp
     mg_mgr_free(&mgr);
+    free(pkt);
   }
   return 0;
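Review bot: The result of `malloc(size)` on the added line in the first test/fuzz.c hunk is never checked before `memcpy(pkt, data, size)` and the `struct eth *` cast use it, so an allocation failure (or `malloc(0)` returning NULL on platforms where it does, if `size` can be zero at this point) becomes a NULL dereference rather than a skipped input; the VLA it replaces could not fail in this way, so this is a new failure mode. A guard such as `if (pkt == NULL) return 0;` directly after the allocation closes it, although the cleanup that already precedes the `free(pkt)` added in the second hunk (`mgr.priv = NULL; mg_mgr_free(&mgr);`) presumably has to run on that path too, so jumping to that cleanup is likely the better shape. LLVMFuzzerTestOneInput starts before the first hunk and ends after the second, and the `if` body the second hunk closes is only partly visible, so whether `size > 0` is already established cannot be confirmed from the diff.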