protobuf-js: pass a length to consumeString() (#13447)

mayant15 · web-flow · commit a92597503a36 · 2025-06-24T11:11:19.000+10:00
`FuzzedDataProvider.consumeString()` expects a length [as its first argument](https://github.com/CodeIntelligenceTesting/jazzer.js/blob/592be5c6d7f453e96822be41fe3f2a1351b8fd96/packages/core/FuzzedDataProvider.ts#L435). There are two calls in the driver that omit this argument and crash. Pass in a random length instead, consistent with other calls to `consumeString()` in the driver.
diff --git a/projects/protobuf-js/fuzz.js b/projects/protobuf-js/fuzz.js
@@ -55,7 +55,7 @@ const ignored = [
 
 // Fuzz the Root#loadSync method
 function fuzzLoadSync(root, provider) {
-  const filePath = provider.consumeString();
+  const filePath = provider.consumeString(provider.consumeIntegralInRange(1, 64));
   root.loadSync(filePath);
 }
 
@@ -75,7 +75,7 @@ function fuzzLookupType(root, provider) {
 
 // Fuzz the Message#encode method
 function fuzzEncode(root, provider) {
-  const typeName = provider.consumeString();
+  const typeName = provider.consumeString(provider.consumeIntegralInRange(1, 64));
   const message = root.create(typeName);
 
   // Construct the input for the message instance manually
