Mercurial > dropbear
comparison fuzz.h @ 1357:08f4fa4dc6a0 fuzz
closer to working
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 20 May 2017 13:23:16 +0800 |
| parents | 3677a510f545 |
| children | 6b89eb92f872 |
comparison
equal
deleted
inserted
replaced
| 1356:3677a510f545 | 1357:08f4fa4dc6a0 |
|---|---|
| 1 #ifndef DROPBEAR_FUZZ_H | 1 #ifndef DROPBEAR_FUZZ_H |
| 2 #define DROPBEAR_FUZZ_H | 2 #define DROPBEAR_FUZZ_H |
| 3 | 3 |
| 4 #include "config.h" | |
| 5 #ifdef DROPBEAR_FUZZ | |
| 6 | |
| 4 #include "includes.h" | 7 #include "includes.h" |
| 5 #include "buffer.h" | 8 #include "buffer.h" |
| 6 | 9 #include "algo.h" |
| 7 #ifdef DROPBEAR_FUZZ | 10 #include "fuzz-wrapfd.h" |
| 8 | 11 |
| 9 // once per process | 12 // once per process |
| 10 void svr_setup_fuzzer(void); | 13 void svr_setup_fuzzer(void); |
| 11 | 14 |
| 12 // once per input. returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE | 15 // once per input. returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE |
| 13 int fuzzer_set_input(const uint8_t *Data, size_t Size); | 16 int fuzzer_set_input(const uint8_t *Data, size_t Size); |
| 17 | |
| 18 void fuzz_kex_fakealgos(void); | |
| 19 | |
| 20 // fake IO wrappers | |
| 21 #ifndef FUZZ_SKIP_WRAP | |
| 22 #define select(nfds, readfds, writefds, exceptfds, timeout) \ | |
| 23 wrapfd_select(nfds, readfds, writefds, exceptfds, timeout) | |
| 24 #define write(fd, buf, count) wrapfd_write(fd, buf, count) | |
| 25 #define read(fd, buf, count) wrapfd_read(fd, buf, count) | |
| 26 #endif // FUZZ_SKIP_WRAP | |
| 14 | 27 |
| 15 struct dropbear_fuzz_options { | 28 struct dropbear_fuzz_options { |
| 16 int fuzzing; | 29 int fuzzing; |
| 17 | 30 |
| 18 // to record an unencrypted stream | 31 // to record an unencrypted stream |
| 19 FILE* recordf; | 32 FILE* recordf; |
| 20 | 33 |
| 21 // fuzzing input | 34 // fuzzing input |
| 22 buffer *input; | 35 buffer *input; |
| 36 struct dropbear_cipher recv_cipher; | |
| 37 struct dropbear_hash recv_mac; | |
| 38 int wrapfds; | |
| 23 | 39 |
| 24 // dropbear_exit() jumps back | 40 // dropbear_exit() jumps back |
| 25 sigjmp_buf jmp; | 41 sigjmp_buf jmp; |
| 26 | 42 |
| 27 uid_t pw_uid; | 43 uid_t pw_uid; |
| 32 char* pw_passwd; | 48 char* pw_passwd; |
| 33 }; | 49 }; |
| 34 | 50 |
| 35 extern struct dropbear_fuzz_options fuzz; | 51 extern struct dropbear_fuzz_options fuzz; |
| 36 | 52 |
| 37 #endif | 53 #endif // DROPBEAR_FUZZ |
| 38 | 54 |
| 39 #endif /* DROPBEAR_FUZZ_H */ | 55 #endif /* DROPBEAR_FUZZ_H */ |