changeset 1386:f0990c284663 fuzz

fuzzer-preauth don't call getpwnam(), bring back longjmp
author Matt Johnston <matt@ucc.asn.au>
date Fri, 02 Jun 2017 00:03:51 +0800
parents 6c92e97553f1
children 27e65d3aed5f
files fuzz-common.c fuzzer-preauth.c
diffstat 2 files changed, 3 insertions(+), 11 deletions(-) [+]
--- a/fuzz-common.c	Thu Jun 01 21:30:26 2017 +0800
+++ b/fuzz-common.c	Fri Jun 02 00:03:51 2017 +0800
@@ -66,11 +66,9 @@
     svr_getopts(argc, argv);
 
     /* user lookups might be slow, cache it */
-    pw = getpwuid(getuid());
-    dropbear_assert(pw);
-    fuzz.pw_name = m_strdup(pw->pw_name);
-    fuzz.pw_dir = m_strdup(pw->pw_dir);
-    fuzz.pw_shell = m_strdup(pw->pw_shell);
+    fuzz.pw_name = m_strdup("person");
+    fuzz.pw_dir = m_strdup("/tmp");
+    fuzz.pw_shell = m_strdup("/bin/zsh");
     fuzz.pw_passwd = m_strdup("!!zzznope");
 
     load_fixed_hostkeys();
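Review bot: The context comment kept at the top of the hunk, `/* user lookups might be slow, cache it */`, now describes a lookup that no longer happens; once the getpwuid() call is removed it reads as though the three literals were cached results of a real query. I would replace it with `/* fixed fake passwd entry: keeps the harness independent of the host user database and deterministic from run to run */`. The commit title says getpwnam() while the removed call is getpwuid(); aligning the two would help anyone later grepping for this change. The m_strdup() results are not freed here, which is presumably fine for a once-per-process setup, but the enclosing function starts outside the hunk so I cannot confirm that from here.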
--- a/fuzzer-preauth.c	Thu Jun 01 21:30:26 2017 +0800
+++ b/fuzzer-preauth.c	Fri Jun 02 00:03:51 2017 +0800
@@ -12,8 +12,6 @@
 	static int once = 0;
 	if (!once) {
 		setup_fuzzer();
-		// XXX temporarily disable setjmp to debug asan segv
-		fuzz.do_jmp = 0;
 		once = 1;
 	}
 
@@ -42,9 +40,6 @@
 	wrapfd_add(fakesock, fuzz.input, PLAIN);
 
 	m_malloc_set_epoch(1);
-	// XXX temporarily disable setjmp to debug asan segv
-	svr_session(fakesock, fakesock);
-	#if 0
 	if (setjmp(fuzz.jmp) == 0) {
 		svr_session(fakesock, fakesock);
 		m_malloc_free_epoch(1, 0);
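Review bot: The re-enabled `if (setjmp(fuzz.jmp) == 0)` path at the end of the hunk only protects the fuzzer if dropbear_exit() really does longjmp, which now depends on setup_fuzzer() leaving fuzz.do_jmp enabled since the explicit `fuzz.do_jmp = 0;` was dropped in the first hunk (L31-39); neither setup_fuzzer() nor the dropbear_exit() side is visible here, so that default should be checked. A cheap guard would be `dropbear_assert(fuzz.do_jmp);` immediately before the setjmp line, so a harness that silently runs without the jump target fails loudly instead of letting one bad input terminate the whole process. Any local written between setjmp() and the longjmp would need to be `volatile` to be read reliably in the recovery branch; fakesock looks to be assigned before the setjmp, but its declaration is outside the hunk. The enclosing function continues into the following hunk.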
@@ -53,7 +48,6 @@
 		TRACE(("dropbear_exit longjmped"))
 		// dropbear_exit jumped here
 	}
-	#endif
 
 	return 0;
 }