pcapng,fuzz: Fix infinite loop by fatal error on block length <= 0

Also add dev/fuzzbytes.go tool to convert fuzz input to raw bytes

.golangci.yml

@@ -35,3 +35,9 @@ linters-settings:
       # allow md5
       - G401
       - G501
+issues:
+  exclude-rules:
+    - path: dev/.*\.go
+      linters:
+        # ignore main re-declared errors
+        - typecheck

dev/fuzzbytes.go

@@ -0,0 +1,32 @@
+// tool to convert go fuzz input files to bytes
+// Usage: cat format/testdata/fuzz/FuzzFormats/144bde49b40c90fd05d302ec90b6ddb2b6d6aea553bad520a8b954797e40fe72 | go run dev/fuzzbytes.go | go run fq.go
+package main
+
+import (
+	"bytes"
+	"io/ioutil"
+	"os"
+	"strconv"
+)
+
+func main() {
+	bs, err := ioutil.ReadAll(os.Stdin)
+	if err != nil {
+		panic(err)
+	}
+
+	// Input looks like this:
+	// go test fuzz v1
+	// []byte("...")
+	prefix := []byte("[]byte(")
+	start := bytes.Index(bs, prefix) + len(prefix)
+	end := len(bs) - 2
+	s, err := strconv.Unquote(string(bs[start:end]))
+	if err != nil {
+		panic(err)
+	}
+
+	if _, err := os.Stdout.Write([]byte(s)); err != nil {
+		panic(err)
+	}
+}

format/pcap/pcapng.go

@@ -295,7 +295,11 @@ func decodeBlock(d *decode.D, dc *decodeContext) {
 	typ := d.FieldU32("type", blockTypeMap, scalar.Hex)
 	length := d.FieldU32("length") - 8
 	const footerLengthSize = 32
-	d.LenFn(int64(length)*8-footerLengthSize, func(d *decode.D) {
+	blockLen := int64(length)*8 - footerLengthSize
+	if blockLen <= 0 {
+		d.Fatalf("%d blockLen < 0", blockLen)
+	}
+	d.LenFn(blockLen, func(d *decode.D) {
 		if fn, ok := blockFns[typ]; ok {
 			fn(d, dc)
 		} else {

pkg/decode/decode.go

@@ -664,6 +664,9 @@ func (d *D) FieldValueRaw(name string, a []byte, sms ...scalar.Mapper) {
 }
 
 func (d *D) LenFn(nBits int64, fn func(d *D)) {
+	if nBits < 0 {
+		d.Fatalf("%d nBits < 0", nBits)
+	}
 	d.RangeFn(d.Pos(), nBits, fn)
 	d.SeekRel(nBits)
 }