Mercurial > dropbear
view fuzz/fuzzer-postauth_nomaths.c @ 1885:5d8dbb6fdab7
Fix SSH_PUBKEYINFO, limit characters, add tests
We fix a bad_bufptr() failure from a previous commit. We now limit
the allowed characters to those that will definitely be safe
in a shell. Some scripts/programs may use arbitrary environment
variables without escaping correctly - that could be a problem
in a restricted environment.
The current allowed set is a-z A-Z 0-9 .,_-+@
This also adds a test for SSH_PUBKEYINFO, by default it only runs
under github actions (or "act -j build").
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2022 17:17:23 +0800 |
parents | 97ad26e397a5 |
children |
line wrap: on
line source
#include "fuzz.h" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return fuzz_run_server(Data, Size, 1, 1); }