comparison fuzz/fuzz-common.c @ 1782:a6da10ac64b5 fuzz
fuzz: make postauth set authdone properly
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 03 Dec 2020 22:18:51 +0800 |
parents | b5aedadc0008 |
children | 9026f976eee8 |
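--- a/fuzz/fuzz-common.c
+++ b/fuzz/fuzz-common.c
@@ -100,10 +100,17 @@
 svr_getopts(argc, argv);
 
 load_fixed_hostkeys();
 }
 
+void fuzz_svr_hook_preloop() {
+if (fuzz.svr_postauth) {
+ses.authstate.authdone = 1;
+fill_passwd("root");
+}
+}
+
 void fuzz_cli_setup(void) {
 fuzz_common_setup();
 
 _dropbear_exit = cli_dropbear_exit;
 _dropbear_log = cli_dropbear_log;
@@ -240,32 +247,29 @@
 cb(DROPBEAR_FAILURE, -1, cb_data, "errorstring");
 }
 return NULL;
 }
 
-int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int authdone) {
+int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int postauth) {
 static int once = 0;
 if (!once) {
 fuzz_svr_setup();
 fuzz.skip_kexmaths = skip_kexmaths;
 once = 1;
 }
 
+fuzz.svr_postauth = postauth;
+
 if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) {
 return 0;
 }
 
 uint32_t wrapseed;
 genrandom((void*)&wrapseed, sizeof(wrapseed));
 wrapfd_setseed(wrapseed);
 
 int fakesock = wrapfd_new_fuzzinput();
-
-if (authdone) {
-ses.authstate.authdone = 1;
-fill_passwd("root");
-}
 
 m_malloc_set_epoch(1);
 fuzz.do_jmp = 1;
 if (setjmp(fuzz.jmp) == 0) {
 svr_session(fakesock, fakesock);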
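Review bot: The new `fuzz_svr_hook_preloop()` sets `ses.authstate.authdone = 1` and calls `fill_passwd("root")` gated only on `fuzz.svr_postauth`, and nothing on the function records that it is a deliberate authentication bypass for the fuzzer. Its call site is not visible on this page, and is presumably in the server session path since the assignment was moved out of `fuzz_run_server`, so whether that call sits under the fuzz build guard cannot be confirmed from here. I would add a header comment such as `/* Fuzz harness only: forces post-auth state before the session loop. The call site must stay inside the fuzz-build conditional. */` so a later refactor of the session code does not leave the hook reachable in a normal build. As a style point, the definition should read `void fuzz_svr_hook_preloop(void) {` to give it a real prototype and match `fuzz_cli_setup(void)` just below it.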