Mercurial > dropbear

diff fuzzer-preauth.c @ 1377:d4cc85e6c569 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
rearrange, all fuzzers now call fuzzer_set_input()
author Matt Johnston <matt@ucc.asn.au>
date Thu, 25 May 2017 22:21:49 +0800
parents 17104db7928c
children 7209a6e30932
line wrap: on
line diff
--- a/fuzzer-preauth.c	Thu May 25 22:21:23 2017 +0800
+++ b/fuzzer-preauth.c	Thu May 25 22:21:49 2017 +0800
@@ -19,6 +19,23 @@
 		return 0;
 	}
 
+    // get prefix. input format is
+    // string prefix
+    //     uint32 wrapfd seed
+    //     ... to be extended later
+    // [bytes] ssh input stream
+
+    // be careful to avoid triggering buffer.c assertions
+    if (fuzz.input->len < 8) {
+        return 0;
+    }
+    size_t prefix_size = buf_getint(fuzz.input);
+    if (prefix_size != 4) {
+        return 0;
+    }
+    uint32_t wrapseed = buf_getint(fuzz.input);
+    wrapfd_setseed(wrapseed);
+
 	int fakesock = 1;
 	wrapfd_add(fakesock, fuzz.input, PLAIN);