Mercurial > dropbear

comparison fuzzer-preauth.c @ 1377:d4cc85e6c569 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
rearrange, all fuzzers now call fuzzer_set_input()
author Matt Johnston <matt@ucc.asn.au>
date Thu, 25 May 2017 22:21:49 +0800
parents 17104db7928c
children 7209a6e30932
comparison
equal deleted inserted replaced
1376:9e9c8d37fd56 1377:d4cc85e6c569
17 17
18 if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) { 18 if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) {
19 return 0; 19 return 0;
20 } 20 }
21 21
22 // get prefix. input format is
23 // string prefix
24 // uint32 wrapfd seed
25 // ... to be extended later
26 // [bytes] ssh input stream
27
28 // be careful to avoid triggering buffer.c assertions
29 if (fuzz.input->len < 8) {
30 return 0;
31 }
32 size_t prefix_size = buf_getint(fuzz.input);
33 if (prefix_size != 4) {
34 return 0;
35 }
36 uint32_t wrapseed = buf_getint(fuzz.input);
37 wrapfd_setseed(wrapseed);
38
22 int fakesock = 1; 39 int fakesock = 1;
23 wrapfd_add(fakesock, fuzz.input, PLAIN); 40 wrapfd_add(fakesock, fuzz.input, PLAIN);
24 41
25 m_malloc_set_epoch(1); 42 m_malloc_set_epoch(1);
26 if (setjmp(fuzz.jmp) == 0) { 43 if (setjmp(fuzz.jmp) == 0) {