From 4b345d31cec0be90e713a0b4bc27ffa47599f0ea Mon Sep 17 00:00:00 2001
From: Stephen Chung
Date: Wed, 29 Nov 2023 17:20:10 +0800
Subject: [PATCH] Limit script length in fuzzing.
---
 fuzz/Cargo.toml | 5 +----
 fuzz/fuzz_targets/scripting.rs | 20 ++++++++++----------
 2 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
index 4a7aa68e8..57bf2c83f 100644
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -10,10 +10,7 @@ cargo-fuzz = true
 [dependencies]
 arbitrary = { version = "1.3.2", features = ["derive"] }
 libfuzzer-sys = "0.4"
-
-[dependencies.rhai]
-path = ".."
-features = ["arbitrary"]
+rhai = { path = "..", features = ["arbitrary"] }
 # Prevent this from interfering with workspaces
 [workspace]
diff --git a/fuzz/fuzz_targets/scripting.rs b/fuzz/fuzz_targets/scripting.rs
index 4440ac8e2..32b439a9e 100644
--- a/fuzz/fuzz_targets/scripting.rs
+++ b/fuzz/fuzz_targets/scripting.rs
@@ -3,7 +3,7 @@ use rhai::{Dynamic, Engine, OptimizationLevel};
 use arbitrary::Arbitrary;
 use libfuzzer_sys::fuzz_target;
-use std::time::{Duration, Instant};
+use std::time::Instant;
 #[derive(Debug, Clone, Arbitrary)]
 struct Ctx<'a> {
@@ -13,6 +13,7 @@ struct Ctx<'a> {
 fuzz_target!(|ctx: Ctx| {
 let mut engine = Engine::new();
+ engine.set_max_string_size(1000);
 engine.set_max_array_size(500);
 engine.set_max_map_size(500);
@@ -21,16 +22,15 @@ fuzz_target!(|ctx: Ctx| {
 engine.set_max_call_levels(10);
 engine.set_max_expr_depths(50, 5);
 engine.set_optimization_level(ctx.optimization_level);
+
+ // Limit the length of scripts.
+ let script = &ctx.script[..(ctx.script.len().min(32 * 1020))];
+
+ // We need fuzzing to be fast, so we'll stop executing after 1s.
 let start = Instant::now();
- engine.on_progress(move |_| {
- // We need fuzzing to be fast, so we'll stop executing after 1s.
- if start.elapsed() > Duration::from_secs(1) {
- Some(Dynamic::UNIT)
- } else {
- None
- }
- });
+ engine.on_progress(move |_| (start.elapsed().as_millis() > 1000).then_some(Dynamic::UNIT));
+ let engine = engine;
- _ = engine.run(ctx.script);
+ _ = engine.run(script);
 });
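Review bot: The new slice `&ctx.script[..(ctx.script.len().min(32 * 1020))]` panics with a "byte index is not a char boundary" error whenever the cut lands inside a multi-byte UTF-8 sequence, which arbitrary inputs will hit routinely, so the fuzzer would report crashes of the harness rather than of the engine (this assumes `script` is a `&str`, as `engine.run(ctx.script)` on the old side suggests; the field is declared outside this hunk). Walk the cut back to a boundary before slicing: `let mut end = ctx.script.len().min(32 * 1020);` / `while !ctx.script.is_char_boundary(end) { end -= 1; }` / `let script = &ctx.script[..end];` — `is_char_boundary(0)` is always true, so the loop terminates. The constant `32 * 1020` also reads like a slip for `32 * 1024`; if 32 KiB is meant, a named `const MAX_SCRIPT_LEN: usize = 32 * 1024;` would make the intent explicit. The `fuzz_target!` closure begins outside the hunk.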