comparison fuzzer-pubkey.c @ 1369:ddfcadca3c4c fuzz

fuzzer-pubkey
author Matt Johnston <matt@ucc.asn.au>
date Tue, 23 May 2017 22:43:34 +0800
parents
children d4cc85e6c569
comparison
1368:10df23099071 1369:ddfcadca3c4c
1 #include "fuzz.h"
2 #include "session.h"
3 #include "fuzz-wrapfd.h"
4 #include "debug.h"
5
6 static void setup_fuzzer(void) {
7 common_setup_fuzzer();
8 }
9
10 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
11 static int once = 0;
12 if (!once) {
13 setup_fuzzer();
14 once = 1;
15 }
16
17 m_malloc_set_epoch(1);
18
19 fuzz_seed();
20 fuzz.input->data = (unsigned char*)Data;
21 fuzz.input->len = Size;
22 fuzz.input->size = Size;
23 fuzz.input->pos = 0;
24
25 if (Size < 4) {
26 return 0;
27 }
28
29 // choose a keytype based on input
30 uint8_t b = 0;
31 size_t i;
32 for (i = 0; i < Size; i++) {
33 b ^= Data[i];
34 }
35 const char* algoname = fuzz_signkey_names[b%DROPBEAR_SIGNKEY_NUM_NAMED];
36 const char* keyblob = "fakekeyblob";
37
38 if (setjmp(fuzz.jmp) == 0) {
39 fuzz_checkpubkey_line(fuzz.input, 5, "/home/me/authorized_keys",
40 algoname, strlen(algoname),
41 keyblob, strlen(keyblob));
42 } else {
43 m_malloc_free_epoch(1);
44 TRACE(("dropbear_exit longjmped"))
45 // dropbear_exit jumped here
46 }
47
48 return 0;
49 }
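Review bot: `m_malloc_free_epoch(1)` runs only in the `else` branch taken after a longjmp (file line 43); the normal return from `fuzz_checkpubkey_line` and the `Size < 4` early return perform no matching cleanup, even though `m_malloc_set_epoch(1)` has already been called by then. If the intent is that a clean return must have freed everything itself so the sanitizer reports real leaks, say so with a comment such as `/* normal return: anything still allocated in epoch 1 is a genuine leak */`; moving the `if (Size < 4) return 0;` check above `m_malloc_set_epoch(1)` and `fuzz_seed()` would also keep short inputs from touching that state at all. The epoch helpers are defined outside this file, so whether the clean path needs an explicit call cannot be confirmed from here. Separately, `fuzz.input->data` aliases libFuzzer's const `Data` through a cast, so a short comment that the buffer is borrowed and must not be written to or freed by the parsing code would help the next reader.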