changeset 1757:517fb7b62438

Add some more variation to fuzzer random number generation
author Matt Johnston <matt@ucc.asn.au>
date Fri, 23 Oct 2020 23:32:44 +0800
parents d5680e12ac33
children 1365661f6be6
files dbrandom.c fuzz.h fuzz/fuzz-common.c
diffstat 3 files changed, 5 insertions(+), 4 deletions(-) [+]
--- a/dbrandom.c	Fri Oct 23 23:10:20 2020 +0800
+++ b/dbrandom.c	Fri Oct 23 23:32:44 2020 +0800
@@ -150,10 +150,11 @@
 }
 
 #if DROPBEAR_FUZZ
-void fuzz_seed(void) {
+void fuzz_seed(const unsigned char* dat, unsigned int len) {
 	hash_state hs;
 	sha1_init(&hs);
 	sha1_process(&hs, "fuzzfuzzfuzz", strlen("fuzzfuzzfuzz"));
+	sha1_process(&hs, dat, len);
 	sha1_done(&hs, hashpool);
 
 	counter = 0;
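Review bot: The new `dat`/`len` parameters of `fuzz_seed` are undocumented, and nothing at the definition says that the pool is now a pure function of caller-supplied bytes. The visible lines hash a fixed string plus `dat` into `hashpool` and reset `counter`, so as far as this hunk shows the generator's later output is reproducible from the input. A header comment such as `/* Fuzzing only: reseeds the pool deterministically from dat[0..len); output is predictable by design, keep under DROPBEAR_FUZZ */` would make that explicit. It should also say whether `dat` may be NULL when `len` is 0, since the pointer is handed straight to `sha1_process`. The function body continues past the end of the hunk.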
--- a/fuzz.h	Fri Oct 23 23:10:20 2020 +0800
+++ b/fuzz.h	Fri Oct 23 23:32:44 2020 +0800
@@ -29,7 +29,7 @@
         const char* algo, unsigned int algolen,
         const unsigned char* keyblob, unsigned int keybloblen);
 extern const char * const * fuzz_signkey_names;
-void fuzz_seed(void);
+void fuzz_seed(const unsigned char* dat, unsigned int len);
 
 // helpers
 void fuzz_get_socket_address(int fd, char **local_host, char **local_port,
--- a/fuzz/fuzz-common.c	Fri Oct 23 23:10:20 2020 +0800
+++ b/fuzz/fuzz-common.c	Fri Oct 23 23:32:44 2020 +0800
@@ -25,7 +25,7 @@
     fuzz.input = m_malloc(sizeof(buffer));
     _dropbear_log = fuzz_dropbear_log;
     crypto_init();
-    fuzz_seed();
+    fuzz_seed("start", 5);
     /* let any messages get flushed */
     setlinebuf(stdout);
 }
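Review bot: `fuzz_seed("start", 5)` passes a plain `char` string literal where the new prototype expects `const unsigned char*`, a pointer-signedness mismatch that compilers report under `-Wpointer-sign`. The hand-counted length 5 can also drift from the literal if it is ever edited. Writing `fuzz_seed((const unsigned char*)"start", strlen("start"));` keeps the call consistent with the prototype and mirrors the `strlen("fuzzfuzzfuzz")` pattern in dbrandom.c. The enclosing function begins above the hunk.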
@@ -42,7 +42,7 @@
     memset(&cli_ses, 0x0, sizeof(cli_ses));
     wrapfd_setup(fuzz.input);
 
-    fuzz_seed();
+    fuzz_seed(fuzz.input->data, MIN(fuzz.input->len, 16));
 
     return DROPBEAR_SUCCESS;
 }
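Review bot: The `16` in `MIN(fuzz.input->len, 16)` is an unexplained constant, and it means two inputs that share their first 16 bytes are seeded identically. If that is the intended trade-off, a named constant and a short comment such as `/* seed from a prefix of the input so each test case stays reproducible */` would record it. The hunk does not show where `fuzz.input->len` is set, so it is worth confirming that it already holds the current input's length here rather than a value left from an earlier run. The enclosing function starts above the hunk.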