Mercurial > dropbear
comparison fuzzer-preauth.c @ 1377:d4cc85e6c569 fuzz
rearrange, all fuzzers now call fuzzer_set_input()
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 25 May 2017 22:21:49 +0800 |
parents | 17104db7928c |
children | 7209a6e30932 |
comparison
equal
deleted
inserted
replaced
1376:9e9c8d37fd56 | 1377:d4cc85e6c569 |
---|---|
17 | 17 |
18 if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) { | 18 if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) { |
19 return 0; | 19 return 0; |
20 } | 20 } |
21 | 21 |
22 // get prefix. input format is | |
23 // string prefix | |
24 // uint32 wrapfd seed | |
25 // ... to be extended later | |
26 // [bytes] ssh input stream | |
27 | |
28 // be careful to avoid triggering buffer.c assertions | |
29 if (fuzz.input->len < 8) { | |
30 return 0; | |
31 } | |
32 size_t prefix_size = buf_getint(fuzz.input); | |
33 if (prefix_size != 4) { | |
34 return 0; | |
35 } | |
36 uint32_t wrapseed = buf_getint(fuzz.input); | |
37 wrapfd_setseed(wrapseed); | |
38 | |
22 int fakesock = 1; | 39 int fakesock = 1; |
23 wrapfd_add(fakesock, fuzz.input, PLAIN); | 40 wrapfd_add(fakesock, fuzz.input, PLAIN); |
24 | 41 |
25 m_malloc_set_epoch(1); | 42 m_malloc_set_epoch(1); |
26 if (setjmp(fuzz.jmp) == 0) { | 43 if (setjmp(fuzz.jmp) == 0) { |