Mercurial > dropbear
view fuzz-harness.c @ 1630:9579377b5f8b
use strlcpy & strlcat (#74)
* refactor checkpubkeyperms() with safe BSD functions
fix gcc8 warnings
```
svr-authpubkey.c: In function 'checkpubkeyperms':
svr-authpubkey.c:427:2: warning: 'strncat' specified bound 5 equals source length [-Wstringop-overflow=]
strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
svr-authpubkey.c:433:2: warning: 'strncat' specified bound 16 equals source length [-Wstringop-overflow=]
strncat(filename, "/authorized_keys", 16);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
see https://www.sudo.ws/todd/papers/strlcpy.html
* restore strlcpy in xstrdup
see original https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/xmalloc.c?rev=1.16
| author | François Perrad <francois.perrad@gadz.org> |
|---|---|
| date | Wed, 20 Mar 2019 15:09:19 +0100 |
| parents | bff41a61a1b6 |
| children | dfbe947bdf0d |
line wrap: on
line source
#include "includes.h" #include "buffer.h" #include "dbutil.h" extern int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size); int main(int argc, char ** argv) { int i; buffer *input = buf_new(100000); for (i = 1; i < argc; i++) { printf("arg %s\n", argv[i]); #if DEBUG_TRACE if (strcmp(argv[i], "-v") == 0) { debug_trace = 1; TRACE(("debug printing on")) } #endif } int old_fuzz_wrapfds = 0; for (i = 1; i < argc; i++) { if (argv[i][0] == '-') { /* ignore arguments */ continue; } char* fn = argv[i]; buf_setlen(input, 0); buf_readfile(input, fn); buf_setpos(input, 0); fuzz.wrapfds = old_fuzz_wrapfds; printf("Running %s once \n", fn); LLVMFuzzerTestOneInput(input->data, input->len); printf("Running %s twice \n", fn); LLVMFuzzerTestOneInput(input->data, input->len); printf("Done %s\n", fn); /* Disable wrapfd so it won't interfere with buf_readfile() above */ old_fuzz_wrapfds = fuzz.wrapfds; fuzz.wrapfds = 0; } printf("Finished\n"); return 0; }