comparison fuzz/fuzz-common.c @ 1782:a6da10ac64b5 fuzz

fuzz: make postauth set authdone properly
author Matt Johnston <matt@ucc.asn.au>
date Thu, 03 Dec 2020 22:18:51 +0800
parents b5aedadc0008
children 9026f976eee8
1781:bf1912d2d6e9 1782:a6da10ac64b5
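--- a/fuzz/fuzz-common.c
+++ b/fuzz/fuzz-common.c
@@ -100,10 +100,17 @@
 svr_getopts(argc, argv);
 
 load_fixed_hostkeys();
 }
 
+void fuzz_svr_hook_preloop() {
+if (fuzz.svr_postauth) {
+ses.authstate.authdone = 1;
+fill_passwd("root");
+}
+}
+
 void fuzz_cli_setup(void) {
 fuzz_common_setup();
 
 _dropbear_exit = cli_dropbear_exit;
 _dropbear_log = cli_dropbear_log;
@@ -240,32 +247,29 @@
 cb(DROPBEAR_FAILURE, -1, cb_data, "errorstring");
 }
 return NULL;
 }
 
-int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int authdone) {
+int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int postauth) {
 static int once = 0;
 if (!once) {
 fuzz_svr_setup();
 fuzz.skip_kexmaths = skip_kexmaths;
 once = 1;
 }
 
+fuzz.svr_postauth = postauth;
+
 if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) {
 return 0;
 }
 
 uint32_t wrapseed;
 genrandom((void*)&wrapseed, sizeof(wrapseed));
 wrapfd_setseed(wrapseed);
 
 int fakesock = wrapfd_new_fuzzinput();
-
-if (authdone) {
-ses.authstate.authdone = 1;
-fill_passwd("root");
-}
 
 m_malloc_set_epoch(1);
 fuzz.do_jmp = 1;
 if (setjmp(fuzz.jmp) == 0) {
 svr_session(fakesock, fakesock);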
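Review bot: `fuzz_svr_hook_preloop()` marks the session as authenticated and loads the root passwd entry, but nothing in the function says that this is a deliberate, fuzzing-only authentication bypass or why it now runs from a pre-loop hook instead of before `svr_session()`. A short comment above it would help, for example `/* Fuzz harness only: post-auth targets skip authentication. Called from the server pre-loop hook so the state is set after session setup. */`; the ordering rationale is inferred from the commit title and should be confirmed. The hook's call site is outside this file section, so it is worth checking that it is compiled only under the project's fuzzing build guard and cannot be reached in a production server. The definition also uses an empty parameter list where `fuzz_cli_setup(void)` directly below uses `(void)`; `void fuzz_svr_hook_preloop(void) {` would be consistent and gives a proper prototype in C11.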