changeset 1385:6c92e97553f1 fuzz

Add a flag controlling whether to longjmp; this was missed in the last commit
author Matt Johnston <matt@ucc.asn.au>
date Thu, 01 Jun 2017 21:30:26 +0800
parents ecdd4e8ae427
children f0990c284663
files dbutil.c fuzz-common.c fuzz.h fuzzer-preauth.c svr-session.c
diffstat 5 files changed, 7 insertions(+), 3 deletions(-) [+]
--- a/dbutil.c	Tue May 30 22:50:52 2017 +0800
+++ b/dbutil.c	Thu Jun 01 21:30:26 2017 +0800
@@ -122,7 +122,7 @@
 
 #ifdef DROPBEAR_FUZZ
 	// longjmp before cleaning up svr_opts
-    if (fuzz.fuzzing) {
+    if (fuzz.do_jmp) {
         longjmp(fuzz.jmp, 1);
     }
 #endif
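Review bot: The new guard tests `fuzz.do_jmp`, but nothing ties that flag to `fuzz.jmp` actually having been armed, so `longjmp(fuzz.jmp, 1)` is reached with an uninitialised buffer whenever a harness leaves `do_jmp` set (which `common_setup_fuzzer` now does by default) without a prior `setjmp`; that is undefined behaviour rather than a clean exit. Document the precondition at the guard, e.g. `// do_jmp may only be set while a setjmp(fuzz.jmp) frame is live on the stack`, and have the harness set the flag immediately after its `setjmp`. Separately, `fuzz.jmp` is declared `sigjmp_buf` in fuzz.h while this line calls `longjmp`; on glibc the types coincide, but the portable pairing is `siglongjmp(fuzz.jmp, 1)` with `sigsetjmp`, or declaring the buffer as a plain `jmp_buf`. The enclosing function starts and ends outside the hunk.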
--- a/fuzz-common.c	Tue May 30 22:50:52 2017 +0800
+++ b/fuzz-common.c	Thu Jun 01 21:30:26 2017 +0800
@@ -17,6 +17,7 @@
 void common_setup_fuzzer(void) {
     fuzz.fuzzing = 1;
     fuzz.wrapfds = 1;
+    fuzz.do_jmp = 1;
     fuzz.input = m_malloc(sizeof(buffer));
     _dropbear_log = fuzz_dropbear_log;
     crypto_init();
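Review bot: `fuzz.do_jmp = 1` makes jumping the default for every harness that calls `common_setup_fuzzer`, yet this function arms no jump buffer, so any harness that does not both `setjmp(fuzz.jmp)` and otherwise clear the flag (as fuzzer-preauth.c does in this changeset) will `longjmp` to an uninitialised `sigjmp_buf` on its first `dropbear_exit`. Defaulting the flag off is the safer choice: `fuzz.do_jmp = 0; /* set by the harness right after setjmp(fuzz.jmp) */`. The rest of `common_setup_fuzzer` runs past the hunk.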
--- a/fuzz.h	Tue May 30 22:50:52 2017 +0800
+++ b/fuzz.h	Thu Jun 01 21:30:26 2017 +0800
@@ -49,6 +49,7 @@
     int wrapfds;
 
     // dropbear_exit() jumps back
+    int do_jmp;
     sigjmp_buf jmp;
 
     uid_t pw_uid;
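Review bot: The new `do_jmp` field sits under the pre-existing one-line comment `// dropbear_exit() jumps back`, which no longer explains how the flag relates to the buffer or who may set it. A comment such as `// do_jmp: when non-zero, dropbear_exit() longjmps to jmp instead of exiting; set it only while a setjmp(fuzz.jmp) frame is live` would make the precondition explicit at the declaration. Note also that `jmp` is a `sigjmp_buf` while the callers in this changeset use `setjmp`/`longjmp`; either declare it `jmp_buf` or switch the callers to `sigsetjmp`/`siglongjmp` so the types match on non-glibc platforms.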
--- a/fuzzer-preauth.c	Tue May 30 22:50:52 2017 +0800
+++ b/fuzzer-preauth.c	Thu Jun 01 21:30:26 2017 +0800
@@ -12,6 +12,8 @@
 	static int once = 0;
 	if (!once) {
 		setup_fuzzer();
+		// XXX temporarily disable setjmp to debug asan segv
+		fuzz.do_jmp = 0;
 		once = 1;
 	}
 
@@ -40,7 +42,7 @@
 	wrapfd_add(fakesock, fuzz.input, PLAIN);
 
 	m_malloc_set_epoch(1);
-	// temporarily disable setjmp to debug asan segv
+	// XXX temporarily disable setjmp to debug asan segv
 	svr_session(fakesock, fakesock);
 	#if 0
 	if (setjmp(fuzz.jmp) == 0) {
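Review bot: `svr_session(fakesock, fakesock)` is now called with no live `setjmp` frame while the only `setjmp(fuzz.jmp)` is under `#if 0`, so memory safety depends entirely on the `fuzz.do_jmp = 0` override in the once-block above staying in sync with this `#if 0`. Coupling the flag to the frame removes that dependency: `if (setjmp(fuzz.jmp) == 0) { fuzz.do_jmp = 1; svr_session(fakesock, fakesock); }` followed by `fuzz.do_jmp = 0;`, so the flag can never be set while the buffer is dead. Since `fuzz.jmp` is declared `sigjmp_buf`, `sigsetjmp(fuzz.jmp, 0)` would be the matching call. The function continues past the hunk.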
--- a/svr-session.c	Tue May 30 22:50:52 2017 +0800
+++ b/svr-session.c	Thu Jun 01 21:30:26 2017 +0800
@@ -185,7 +185,7 @@
 
 #ifdef DROPBEAR_FUZZ
 	// longjmp before cleaning up svr_opts
-    if (fuzz.fuzzing) {
+    if (fuzz.do_jmp) {
         longjmp(fuzz.jmp, 1);
     }
 #endif
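Review bot: This guard duplicates the one added to dbutil.c in the same changeset line for line, including the `fuzz.do_jmp`-with-uninitialised-`fuzz.jmp` hazard and the `sigjmp_buf`-versus-`longjmp` mismatch. A single helper in fuzz-common.c, e.g. `void fuzz_exit_jump(void)` that does `if (fuzz.do_jmp) { longjmp(fuzz.jmp, 1); }`, would keep the two exit paths from drifting apart while the jump semantics are still being debugged. The enclosing function starts and ends outside the hunk.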