[#3848] Fix fuzzers after security enforcement

andrei-pavel · andrei-pavel · commit 7142f0137877 · 2025-07-01T15:59:02.000+03:00
diff --git a/fuzz/fuzz_http_endpoint_kea_dhcp4.cc b/fuzz/fuzz_http_endpoint_kea_dhcp4.cc
@@ -9,7 +9,6 @@
 #include <cassert>
 #include <cstdlib>
 #include <iostream>
-#include <list>
 
 #include <fuzz.h>
 
@@ -37,6 +36,7 @@ using namespace isc::process;
 using namespace isc::http;
 using namespace isc::http::test;
 using namespace isc::util;
+using namespace isc::util::file;
 using namespace std;
 
 namespace {
@@ -105,6 +105,10 @@ LLVMFuzzerInitialize() {
 
     setenv("KEA_DHCP4_FUZZING_ROTATE_PORT", "true", 0);
 
+    // The main focus is on fuzzing the raw HTTP endpoint without the authorization header.
+    // So bypass the enforcement.
+    PathChecker::enableEnforcement(false);
+
     return 0;
 }
 
diff --git a/fuzz/fuzz_http_endpoint_kea_dhcp6.cc b/fuzz/fuzz_http_endpoint_kea_dhcp6.cc
@@ -9,7 +9,6 @@
 #include <cassert>
 #include <cstdlib>
 #include <iostream>
-#include <list>
 
 #include <fuzz.h>
 
@@ -37,6 +36,7 @@ using namespace isc::process;
 using namespace isc::http;
 using namespace isc::http::test;
 using namespace isc::util;
+using namespace isc::util::file;
 using namespace std;
 
 namespace {
@@ -105,6 +105,10 @@ LLVMFuzzerInitialize() {
 
     setenv("KEA_DHCP6_FUZZING_ROTATE_PORT", "true", 0);
 
+    // The main focus is on fuzzing the raw HTTP endpoint without the authorization header.
+    // So bypass the enforcement.
+    PathChecker::enableEnforcement(false);
+
     return 0;
 }
 
