Mercurial > dropbear
comparison fuzz.h @ 1456:a90fdd2d2ed8 fuzz
add fuzzer-preauth_nomaths
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 23 Jan 2018 23:05:47 +0800 |
| parents | 6c92e97553f1 |
| children | 2f64cb3d3007 |
comparison
equal
deleted
inserted
replaced
| 1455:4afde04f0607 | 1456:a90fdd2d2ed8 |
|---|---|
| 8 #include "buffer.h" | 8 #include "buffer.h" |
| 9 #include "algo.h" | 9 #include "algo.h" |
| 10 #include "fuzz-wrapfd.h" | 10 #include "fuzz-wrapfd.h" |
| 11 | 11 |
| 12 // once per process | 12 // once per process |
| 13 void common_setup_fuzzer(void); | 13 void fuzz_common_setup(void); |
| 14 void svr_setup_fuzzer(void); | 14 void fuzz_svr_setup(void); |
| 15 | 15 |
| 16 // must be called once per fuzz iteration. | 16 // must be called once per fuzz iteration. |
| 17 // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE | 17 // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE |
| 18 int fuzzer_set_input(const uint8_t *Data, size_t Size); | 18 int fuzz_set_input(const uint8_t *Data, size_t Size); |
| 19 | |
| 20 int fuzz_run_preauth(const uint8_t *Data, size_t Size, int skip_kexmaths); | |
| 19 | 21 |
| 20 // fuzzer functions that intrude into general code | 22 // fuzzer functions that intrude into general code |
| 21 void fuzz_kex_fakealgos(void); | 23 void fuzz_kex_fakealgos(void); |
| 22 int fuzz_checkpubkey_line(buffer* line, int line_num, char* filename, | 24 int fuzz_checkpubkey_line(buffer* line, int line_num, char* filename, |
| 23 const char* algo, unsigned int algolen, | 25 const char* algo, unsigned int algolen, |
| 24 const unsigned char* keyblob, unsigned int keybloblen); | 26 const unsigned char* keyblob, unsigned int keybloblen); |
| 25 extern const char * const * fuzz_signkey_names; | 27 extern const char * const * fuzz_signkey_names; |
| 26 void fuzz_seed(void); | 28 void fuzz_seed(void); |
| 27 void fuzz_get_socket_address(int fd, char **local_host, char **local_port, | 29 void fuzz_get_socket_address(int fd, char **local_host, char **local_port, |
| 28 char **remote_host, char **remote_port, int host_lookup); | 30 char **remote_host, char **remote_port, int host_lookup); |
| 31 void fuzz_fake_send_kexdh_reply(void); | |
| 29 | 32 |
| 30 // fake IO wrappers | 33 // fake IO wrappers |
| 31 #ifndef FUZZ_SKIP_WRAP | 34 #ifndef FUZZ_SKIP_WRAP |
| 32 #define select(nfds, readfds, writefds, exceptfds, timeout) \ | 35 #define select(nfds, readfds, writefds, exceptfds, timeout) \ |
| 33 wrapfd_select(nfds, readfds, writefds, exceptfds, timeout) | 36 wrapfd_select(nfds, readfds, writefds, exceptfds, timeout) |
| 46 buffer *input; | 49 buffer *input; |
| 47 struct dropbear_cipher recv_cipher; | 50 struct dropbear_cipher recv_cipher; |
| 48 struct dropbear_hash recv_mac; | 51 struct dropbear_hash recv_mac; |
| 49 int wrapfds; | 52 int wrapfds; |
| 50 | 53 |
| 54 // whether to skip slow bignum maths | |
| 55 int skip_kexmaths; | |
| 56 | |
| 51 // dropbear_exit() jumps back | 57 // dropbear_exit() jumps back |
| 52 int do_jmp; | 58 int do_jmp; |
| 53 sigjmp_buf jmp; | 59 sigjmp_buf jmp; |
| 54 | 60 |
| 55 uid_t pw_uid; | 61 uid_t pw_uid; |