comparison fuzzer-preauth.c @ 1386:f0990c284663 fuzz

fuzzer-preauth don't call getpwnam(), bring back longjmp
author Matt Johnston <matt@ucc.asn.au>
date Fri, 02 Jun 2017 00:03:51 +0800
parents 6c92e97553f1
children a90fdd2d2ed8
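--- a/fuzzer-preauth.c
+++ b/fuzzer-preauth.c
@@ -10,12 +10,10 @@
 
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 static int once = 0;
 if (!once) {
 setup_fuzzer();
-// XXX temporarily disable setjmp to debug asan segv
-fuzz.do_jmp = 0;
 once = 1;
 }
 
 if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) {
 return 0;
@@ -40,20 +38,16 @@
 
 int fakesock = 20;
 wrapfd_add(fakesock, fuzz.input, PLAIN);
 
 m_malloc_set_epoch(1);
-// XXX temporarily disable setjmp to debug asan segv
-svr_session(fakesock, fakesock);
-#if 0
 if (setjmp(fuzz.jmp) == 0) {
 svr_session(fakesock, fakesock);
 m_malloc_free_epoch(1, 0);
 } else {
 m_malloc_free_epoch(1, 1);
 TRACE(("dropbear_exit longjmped"))
 // dropbear_exit jumped here
 }
-#endif
 
 return 0;
 }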
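Review bot: With the `#if 0` guard gone, `setjmp(fuzz.jmp)` at new line 43 is live again, but `fuzz.jmp` is only valid while this call of `LLVMFuzzerTestOneInput` is on the stack, and nothing visible clears `fuzz.do_jmp` after the session ends. If `dropbear_exit` can be reached on a later iteration before the `setjmp` runs (from `fuzzer_set_input`, or from new lines 20-37, which this page does not show), it would presumably longjmp into a frame that has already returned. That is undefined behaviour and would surface as a crash the fuzzer cannot reproduce from the saved input. Assuming `do_jmp` is the flag `dropbear_exit` tests, consider arming it only around the session: `fuzz.do_jmp = 1;` immediately before the `setjmp`, and `fuzz.do_jmp = 0;` after the if/else. A one-line comment that `m_malloc_free_epoch(1, 1)` reclaims allocations abandoned by the jump would also help the next reader.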