fuzz_variant_text: Timeout in fuzz_variant_text when printing nested maybes
This oss-fuzz issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54577
A text-form GVariant along the lines of [@mmm…mmmu 1,1,1,…,1,1,1] can take a long time to print out due to the nested maybes allowing a geometric increase in the number of GVariant instances the printer has to handle, even though all those maybe instances are elided from printing.
This allows a denial of service with limited impact. User code is encouraged not to parse text-form GVariants from unknown sources, but there could be code out there which is doing that. In order to exploit this, the code would have to accept a GVariant with a ludicrous number of nested m types. This is implausible when using a fixed type GVariant, but could be encountered inside a v type.
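
One way for calling code to bound maybe nesting before handing untrusted text to the parser, as an added example that is not code from GLib or from this report. The function names and both limits are assumptions chosen for illustration; the scan covers every `@` type annotation outside string literals, so annotations inside a v value are counted too.

```c
#include <ctype.h>
#include <string.h>

#define MAX_BRACKETS 64   /* assumed bound on tuple/dict nesting tracked here */
#define MAYBE_LIMIT  32   /* assumed policy limit, not a GLib constant */

/* Deepest chain of maybe ('m') ancestors in any @type annotation of a
 * text-form GVariant, or -1 if bracket nesting exceeds MAX_BRACKETS. */
int max_maybe_depth(const char *text)
{
    int base[MAX_BRACKETS + 1]; /* maybe depth in force at each open bracket */
    int max = 0;
    char quote = 0;

    for (const char *p = text; *p; p++) {
        if (quote) {                       /* inside a string literal */
            if (*p == '\\' && p[1]) p++;   /* skip the escaped character */
            else if (*p == quote) quote = 0;
            continue;
        }
        if (*p == '\'' || *p == '"') { quote = *p; continue; }
        if (*p != '@') continue;

        int top = 0, cur = 0;
        base[0] = 0;
        for (p++; *p && (isalpha((unsigned char)*p) || strchr("(){}*?", *p)); p++) {
            if (*p == 'm') {
                if (++cur > max) max = cur;
            } else if (*p == '(' || *p == '{') {
                if (top == MAX_BRACKETS) return -1;
                base[++top] = cur;         /* members inherit enclosing maybes */
            } else if (*p == ')' || *p == '}') {
                if (top > 0) top--;
                cur = base[top];           /* container type is complete */
            } else if (*p != 'a') {
                cur = base[top];           /* basic type ends the prefix chain */
            }
        }
        p--;                               /* outer loop re-examines the terminator */
    }
    return max;
}

/* Returns 1 if the text may be passed on to the GVariant text parser. */
int maybe_depth_ok(const char *text)
{
    int d = max_maybe_depth(text);
    return d >= 0 && d <= MAYBE_LIMIT;
}
```
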