aboutsummaryrefslogtreecommitdiffstats
path: root/fuzz
Commit message (Collapse)AuthorAgeFilesLines
* QUIC RCIDM: Minor updatesHugo Landau2024-01-111-1/+1
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23022)
* Update fuzz corporaHugo Landau2024-01-111-0/+0
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23022)
* QUIC RCIDM: Update fuzz corporaHugo Landau2024-01-111-0/+0
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23022)
* QUIC RCIDM: Add fuzzerHugo Landau2024-01-112-1/+208
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23022)
* crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed deliveryDr. David von Oheimb2023-12-211-5/+6
| | | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20727)
* crypto/cmp/,apps/lib/cmp_mock_srv.c: add delayed delivery for all types of ↵Rajeev Ranjan2023-12-211-1/+14
| | | | | | | | | responses Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20727)
* QUIC LCIDM: Add fuzzerHugo Landau2023-12-062-2/+190
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)
* Update fuzz corporaHugo Landau2023-11-231-0/+0
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22790)
* QUIC SRTM: Update fuzz corporaHugo Landau2023-11-231-0/+0
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22612)
* Fuzzing: Fix helper shebang on NixOSHugo Landau2023-11-231-1/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22612)
* QUIC SRTM: Add fuzzer for SRTMHugo Landau2023-11-232-2/+129
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22612)
* Exclude more in the fuzz introspector reportKurt Roeckx2023-11-141-0/+2
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22707)
* Add support for streams to the quic-client fuzzerMatt Caswell2023-11-031-14/+87
| | | | | | | | Enable the quic-client fuzzer to accept and create new streams Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22592)
* Call SSL_write() in the quic-client-fuzzerMatt Caswell2023-11-031-6/+26
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22592)
* Create a fuzz introspector exclude config fileKurt Roeckx2023-10-301-0/+10
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22532)
* Update to latest fuzz corporaKurt Roeckx2023-10-301-0/+0
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22531)
* Update the corpora files to include the new quic-client subdirMatt Caswell2023-10-231-0/+0
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Teach the quic-client fuzzer about timeMatt Caswell2023-10-232-20/+65
| | | | | | | | | We allow the fuzzer to influence the time between different packets using the fake time capability. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Some cleanups in the quic-client fuzzerMatt Caswell2023-10-231-28/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Update the fuzz README to provide info about the stdc++ requirementsMatt Caswell2023-10-231-0/+28
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Updates to the quic client fuzzerMatt Caswell2023-10-231-4/+23
| | | | | | | | | Handle retryable errors from SSL_read(). Also ensure the underlying BIO handles the destination address capability. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Add quic client fuzzer.Kurt Roeckx2023-10-232-0/+155
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22368)
* Copyright year updatesMatt Caswell2023-09-073-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* Update fuzz corpora to latest commitKurt Roeckx2023-09-051-0/+0
| | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21927)
* Update X509 fuzzer to verify a chainKurt Roeckx2023-09-012-13/+122
| | | | | | | | | | | | | It add supports for verifying that it's been signed by a CA, and checks the CRL and OCSP status Can find CVE-2022-4203 and CVE-2023-0286 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20243)
* fix: add fuzz oidsJonathan M. Wilbur2023-06-291-0/+25
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21232)
* Add decoder fuzzerKurt Roeckx2023-06-232-2/+96
| | | | | | | | This found CVE-2023-0217 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20269)
* Update fuzz/corpora submodule to latest dataTomas Mraz2023-06-021-0/+0
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21118)
* Add PEM fuzzerKurt Roeckx2023-06-012-2/+69
| | | | | | | | This fuzzer can find CVE-2022-4450 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20242)
* Adding some selected MS OIDs for #19630 added ms-corp alias for OID ↵Dragan Zuvic2023-05-221-1/+5
| | | | | | | | | | | | | 1.3.6.1.4.1.311 and changed hopefully all occurences for that OID Signed-off-by: Dragan Zuvic <dragan.zuvic@mercedes-benz.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20986)
* Update the corpora submoduleMatt Caswell2023-05-081-0/+0
| | | | | | | | | | We update the corpora submodule to include a fuzz testcase for the conf timeout. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20839)
* Update the corporaMatt Caswell2023-05-011-0/+0
| | | | | | | | | Updated the fuzz corpora to include a testcase for the zero length handshake fragment records issue fixed by the previous commit. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20824)
* Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arraysIrak Rigia2023-04-211-2/+2
| | | | | | | | | Fixes #20710 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20745)
* Add openssl/fuzz-corpora repository as submoduleTomas Mraz2023-04-111-0/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Remove fuzz corpora data from the repositoryTomas Mraz2023-04-1119718-20041/+0
| | | | | | | | To be replaced with a git submodule. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Add fuzz test for v3nameHardik Shah2023-03-013-0/+54
| | | | | | | | | | | | v3name_fuzzer build modifications create 99-test_fuzz_v3name_fuzzer.t test corpus for cve-2023-0286 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20274)
* Added a fuzzer for SMIMEAlex Gaynor2023-02-273-2/+150
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20332)
* obj: Add SM4 XTS OIDXu Yizhou2022-11-291-0/+1
| | | | | | | | | | Add the following OID: SM4-XTS: 1.2.156.10197.1.104.10 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19619)
* Use <openssl/e_os2.h> rather than <stdint.h>Richard Levitte2022-11-171-2/+2
| | | | | | | | | <stdint.h> is C99, which means that on older compiler, it can't be included. We have code in <openssl/e_os2.h> that compensates. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19697)
* fuzz: add punycode decoder fuzz testPauli2022-11-115-0/+55
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19591)
* Add Content Type OID for RPKI id-ct-signedTALJob Snijders2022-10-031-0/+1
| | | | | | | | | | | | | | References: draft-ietf-sidrops-signed-tal Title: "RPKI Signed Object for Trust Anchor Key" OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19221)
* Allow PKCS12 export to set arbitrary bag attributesGraham Woodward2022-09-231-0/+2
| | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19025)
* Add support for PBE using hmacWithSM3K12022-09-151-0/+1
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19204)
* Objects: Add OIDs needed for CAdES-ProcessingLutz Jaenicke2022-06-281-0/+20
| | | | | | | | | Add objects from ETSI-specification(s) used in CAdES processing. Main document referenced is ETSI EN 319 122-1 V1.2.1. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18655)
* fuzz/asn1.c: Add check for ASN1_item_i2dJiasheng Jiang2022-06-281-2/+3
| | | | | | | | | | | As the potential failure of the ASN1_item_i2d, it should be better to check the return value. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18647)
* objects.txt: Add newly registered OIDs according to CMP Updates, for use in ↵Dr. David von Oheimb2022-05-041-0/+10
| | | | | | | | | extended CMPv2 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/15778)
* Update copyright yearMatt Caswell2022-05-033-3/+3
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* check return value of functions that call BIO_new()tangyiqun2022-03-161-1/+12
| | | | | | | Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17850)
* fuzz/fuzz_rand.c: Add check for OSSL_LIB_CTX_newJiasheng Jiang2022-02-281-0/+2
| | | | | | | | | | | | | As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new() could return NULL. Therefore, it should be better to check it and return error if fails in order to guarantee the success of the initialization. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17738)
* fuzz/asn1.c: Add missing check for BIO_newJiasheng Jiang2022-02-201-9/+16
| | | | | | | | | | | | Since the BIO_new may fail, the 'bio' could be NULL pointer and be used. Therefore, it should be better to check it and skip the print if fails. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17690)
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-23 05:59:10 +0000