Mercurial > dropbear
view fuzzers_test.sh @ 1885:5d8dbb6fdab7
Fix SSH_PUBKEYINFO, limit characters, add tests
We fix a bad_bufptr() failure from a previous commit. We now limit
the allowed characters to those that will definitely be safe
in a shell. Some scripts/programs may use arbitrary environment
variables without escaping correctly - that could be a problem
in a restricted environment.
The current allowed set is a-z A-Z 0-9 .,_-+@
This also adds a test for SSH_PUBKEYINFO, by default it only runs
under github actions (or "act -j build").
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2022 17:17:23 +0800 |
parents | fd00aeff38fd |
children |
line wrap: on
line source
#!/bin/sh # runs fuzz corpus with standalone fuzzers result=0 test -d fuzzcorpus && hg --repository fuzzcorpus/ pull || hg clone https://hg.ucc.asn.au/dropbear-fuzzcorpus fuzzcorpus || exit 1 for f in `make list-fuzz-targets`; do # use xargs to split the too-long argument list # -q quiet because travis has a logfile limit echo fuzzcorpus/$f/* | xargs -n 1000 ./$f -q || result=1 done exit $result