Mercurial > dropbear

comparison fuzz-common.c @ 1357:08f4fa4dc6a0 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
closer to working
author Matt Johnston <matt@ucc.asn.au>
date Sat, 20 May 2017 13:23:16 +0800
parents 3677a510f545
children 6b89eb92f872
comparison
equal deleted inserted replaced
1356:3677a510f545 1357:08f4fa4dc6a0
1 #include "includes.h" 1 #include "includes.h"
2
3 #ifdef DROPBEAR_FUZZ
4 2
5 #include "includes.h" 3 #include "includes.h"
6 #include "fuzz.h" 4 #include "fuzz.h"
7 #include "dbutil.h" 5 #include "dbutil.h"
8 #include "runopts.h" 6 #include "runopts.h"
15 13
16 static void load_fixed_hostkeys(void); 14 static void load_fixed_hostkeys(void);
17 15
18 static void common_setup_fuzzer(void) { 16 static void common_setup_fuzzer(void) {
19 fuzz.fuzzing = 1; 17 fuzz.fuzzing = 1;
18 fuzz.wrapfds = 1;
20 fuzz.input = m_malloc(sizeof(buffer)); 19 fuzz.input = m_malloc(sizeof(buffer));
21 crypto_init(); 20 crypto_init();
22 } 21 }
23 22
24 int fuzzer_set_input(const uint8_t *Data, size_t Size) { 23 int fuzzer_set_input(const uint8_t *Data, size_t Size) {
28 fuzz.input->len = Size; 27 fuzz.input->len = Size;
29 fuzz.input->pos = 0; 28 fuzz.input->pos = 0;
30 29
31 // get prefix. input format is 30 // get prefix. input format is
32 // string prefix 31 // string prefix
33 // uint32_t seed 32 // uint32 wrapfd seed
34 // ... to be extended later 33 // ... to be extended later
35 // [bytes] ssh input stream 34 // [bytes] ssh input stream
36 35
37 // be careful to avoid triggering buffer.c assertions 36 // be careful to avoid triggering buffer.c assertions
38 if (fuzz.input->len < 8) { 37 if (fuzz.input->len < 8) {
112 } 111 }
113 112
114 buf_free(b); 113 buf_free(b);
115 } 114 }
116 115
117 #endif /* DROPBEAR_FUZZ */ 116 void fuzz_kex_fakealgos(void) {
117 ses.newkeys->recv.crypt_mode = &dropbear_mode_none;
118 }