Mercurial > dropbear
comparison fuzzer-pubkey.c @ 1584:cdfab509c392
use random keyblob from the fuzzer instead
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 04 Mar 2018 19:19:45 +0800 |
| parents | 92c93b4a3646 |
| children | e6a5e51a29c9 |
comparison
equal
deleted
inserted
replaced
| 1583:d17a6bab2179 | 1584:cdfab509c392 |
|---|---|
| 18 return 0; | 18 return 0; |
| 19 } | 19 } |
| 20 | 20 |
| 21 m_malloc_set_epoch(1); | 21 m_malloc_set_epoch(1); |
| 22 | 22 |
| 23 /* choose a keytype based on input */ | 23 if (setjmp(fuzz.jmp) == 0) { |
| 24 uint8_t b = 0; | 24 buffer *line = buf_getstringbuf(fuzz.input); |
| 25 size_t i; | 25 buffer *keyblob = buf_getstringbuf(fuzz.input); |
| 26 for (i = 0; i < Size; i++) { | |
| 27 b ^= Data[i]; | |
| 28 } | |
| 29 const char* algoname = fuzz_signkey_names[b%DROPBEAR_SIGNKEY_NUM_NAMED]; | |
| 30 const char* keyblob = "blob"; /* keep short */ | |
| 31 | 26 |
| 32 if (setjmp(fuzz.jmp) == 0) { | 27 unsigned int algolen; |
| 33 fuzz_checkpubkey_line(fuzz.input, 5, "/home/me/authorized_keys", | 28 const char* algoname = buf_getstring(keyblob, &algolen); |
| 34 algoname, strlen(algoname), | 29 |
| 35 (unsigned char*)keyblob, strlen(keyblob)); | 30 if (have_algo(algo, algolen, sshhostkey) == DROPBEAR_FAILURE) { |
| 31 dropbear_exit("fuzzer imagined a bogus algorithm"); | |
| 32 } | |
| 33 fuzz_checkpubkey_line(line, 5, "/home/me/authorized_keys", | |
| 34 algoname, algolen, | |
| 35 keyblob->data, keyblob->len); | |
| 36 | |
| 37 buf_free(line); | |
| 38 buf_free(keyblob); | |
| 36 m_malloc_free_epoch(1, 0); | 39 m_malloc_free_epoch(1, 0); |
| 37 } else { | 40 } else { |
| 38 m_malloc_free_epoch(1, 1); | 41 m_malloc_free_epoch(1, 1); |
| 39 TRACE(("dropbear_exit longjmped")) | 42 TRACE(("dropbear_exit longjmped")) |
| 40 /* dropbear_exit jumped here */ | 43 /* dropbear_exit jumped here */ |