path: root/fuzz
Commit message | Author | Age | Files | Lines
* Remove unused variable. | Ben Laurie | 2017-10-16 | 1 | -0/+2
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/4367)
* Stack sorting safety | Pauli | 2017-09-18 | 2 | -2/+2
  Use the defined typechecking stack method to sort the compression methods stack rather than using the generic function and apply type casts.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/4382)
* bndiv fuzzer: limit the size of the input to avoid timeout | gbrl | 2017-08-16 | 1 | -0/+7
  CLA: trivial
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/4119)
* Move FuzzerSetRand to separate file. | Rich Salz | 2017-08-11 | 6 | -31/+48
  Use an inline rand.inc; this fixes Google's OSS-Fuzz builds.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/4141)
* Install custom RAND_METHOD for fuzzing | Rich Salz | 2017-07-26 | 6 | -44/+36
  Instead of setting a "magic" global variable to force RAND to keep consistent state and always generate the same bytestream, have the fuzzing code install its own RAND_METHOD that does this. For BN_RAND_DEBUG, we just don't do it; that debugging was about mucking with BN's internal representation, not requiring predictable rand bytes.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/4025)
* Update fuzz corpora | Kurt Roeckx | 2017-07-02 | 22495 | -2943/+7089
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #3829
* fuzz/{client,server}.c: omit _time64 "overload method". | Andy Polyakov | 2017-04-27 | 2 | -16/+12
  Approach was opportunistic in Windows context from its inception and on top of that it was proven to be error-prone at link stage. Correct answer is to introduce library-specific time function that we can control in platform-neutral manner. Meanwhile we just let be attempts to override time on Windows.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3320)
* Change 64-bit time type for windows | Jon Spillett | 2017-04-19 | 2 | -2/+2
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3248)
* Optionally check for early data | Kurt Roeckx | 2017-04-16 | 1 | -1/+19
  This adds a way to use the last byte of the buffer to change the behavior of the server. The last byte is used so that the existing corpus can be reused either without changing it, or just adding a single byte, and that it can still be used by other projects.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2683
* Use a fixed time when fuzzing. | Kurt Roeckx | 2017-04-16 | 2 | -1/+36
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2683
* Document how to update the corpus. | Kurt Roeckx | 2017-04-16 | 1 | -0/+12
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2683
* Make x509 and asn1 fuzzer reproducible | Kurt Roeckx | 2017-04-16 | 2 | -0/+24
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2683
* Switch libfuzzer to use trace-pc-guard | Kurt Roeckx | 2017-04-16 | 1 | -1/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2683
* Act on deprecation of LONG and ZLONG, step 1 | Richard Levitte | 2017-04-10 | 1 | -0/+4
  Don't compile code that still uses LONG when it's deprecated
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3126)
* Publish our INT32, UINT32, INT64, UINT64 ASN.1 types and Z variants | Richard Levitte | 2017-04-10 | 1 | -0/+8
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3126)
* Make default_method mostly compile-time | Rich Salz | 2017-04-07 | 2 | -20/+0
  Document thread-safety issues
  Have RSA_null return NULL (always fails)
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2244)
* Fix out-of-memory condition in conf | Matt Caswell | 2017-03-12 | 1 | -0/+41
  conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2894)
* Update client, server and x509 fuzz corpus | Kurt Roeckx | 2017-02-21 | 6183 | -6/+3
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2682
* Update client and server corpus | Kurt Roeckx | 2017-01-29 | 4777 | -0/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2318
* Fix build issues with no-dh, no-dsa and no-ec | Richard Levitte | 2017-01-09 | 2 | -0/+24
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2192)
* Update fuzz corpora | Kurt Roeckx | 2017-01-06 | 8085 | -237/+216
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2182
* Make client and server fuzzer reproducible | Kurt Roeckx | 2017-01-06 | 2 | -0/+12
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2182
* Make the bignum fuzzer reproducible | Kurt Roeckx | 2017-01-06 | 1 | -18/+23
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2182
* Update fuzz documentation | Kurt Roeckx | 2017-01-06 | 1 | -5/+48
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2182
* server fuzzer: add support for DSA and ECDSA | Kurt Roeckx | 2017-01-06 | 1 | -1/+321
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2182
* Update fuzz corpora | Kurt Roeckx | 2016-12-19 | 2442 | -0/+0
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  GH: #2090
* Make client and server fuzzer support all ciphers | Kurt Roeckx | 2016-12-16 | 2 | -0/+4
  Also send a SNI extension in the client so the fuzzer can react to it.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2088
* Document the recommended parameters for fuzzing | Kurt Roeckx | 2016-12-16 | 1 | -2/+10
  We use those parameters for calculating the coverage.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2088
* Update client fuzz corpus | Kurt Roeckx | 2016-12-09 | 310 | -0/+0
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2060
* Update client fuzzer corpus | Kurt Roeckx | 2016-12-09 | 1251 | -1/+0
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2053
* Fuzz corpora update | Kurt Roeckx | 2016-12-08 | 9069 | -1247/+3758
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2041
* And client fuzzer | Kurt Roeckx | 2016-12-08 | 2 | -2/+99
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2041
* Make asn1 fuzzer more reproducible | Kurt Roeckx | 2016-12-08 | 1 | -8/+16
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2041
* Make the fuzzers more reproducible | Kurt Roeckx | 2016-12-03 | 8 | -27/+81
  We want to be in the same global state each time we come in FuzzerTestOneInput(). There are various reasons why we might not be that include:
  - Initialization that happens on first use. This is mostly the RUN_ONCE() things, or loading of error strings.
  - Results that get cached. For instance a stack that is sorted, RSA blinding that has been set up, ...
  So I try to trigger as much as possible in FuzzerInitialize(), and for things I didn't find out how to trigger this it needs to happen in FuzzerTestOneInput().
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* Move libfuzzer sanitizer options to README | Kurt Roeckx | 2016-12-03 | 1 | -1/+2
  This is something you might want to change depending on the version to use, there is no point in us fixing this to something.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* CMS fuzzer: also use id2 | Kurt Roeckx | 2016-12-03 | 1 | -5/+13
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* Make the random number generator predictable when fuzzing. | Kurt Roeckx | 2016-12-03 | 2 | -1/+10
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* bndiv fuzzer: move new and free calls to the init and cleanup function. | Kurt Roeckx | 2016-12-03 | 1 | -14/+20
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* bignum fuzzer: move new and free calls to the init and cleanup function. | Kurt Roeckx | 2016-12-03 | 1 | -14/+20
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* asn1parse: create the out bio during init, free it during cleanup | Kurt Roeckx | 2016-12-03 | 1 | -5/+4
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* Add a FuzzerClean() function | Kurt Roeckx | 2016-12-03 | 13 | -0/+47
  This allows to free everything we allocated, so we can detect memory leaks.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* FuzzerInitialize always exists | Kurt Roeckx | 2016-12-03 | 1 | -5/+2
  There was a time it could be NULL, but that was changed to always have it.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* Fix formatting of fuzzers | Kurt Roeckx | 2016-12-03 | 11 | -21/+42
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #2023
* Update fuzz corpora | Kurt Roeckx | 2016-11-12 | 3895 | -654/+374
  New minimal fuzz corpora set
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #1910
* conf fuzzer: also check for an empty file | Kurt Roeckx | 2016-11-03 | 1 | -2/+7
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #1828
* Fix link to LibFuzzer | Sergey Bronnikov | 2016-11-02 | 1 | -1/+1
  CLA: trivial
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1801)
* [fuzzers] do not fail fuzzers with empty input | Mike Aizatsky | 2016-11-01 | 2 | -4/+14
  Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #1788
* Update fuzz corpora | Kurt Roeckx | 2016-10-10 | 2325 | -124/+59
  New minimal fuzz corpora for asn1, asn1parse, bndiv, crl and x509
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #1678
* Add to fuzz corpora for CVE-2016-6309 | Robert Swiecki | 2016-09-26 | 3 | -0/+0
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Update fuzz corpora | Kurt Roeckx | 2016-08-23 | 4156 | -608/+568
  This is a new minimal corpus with the following changes:
  - asn1: files: 1135 (+474), tuples: 27236 (+7496)
  - asn1parse: files: 305 (-3), tuples: 8758 (+11)
  - bignum: files: 370 (-1), tuples: 9547 (+10)
  - bndiv: files: 160 (+0), tuples: 2416 (+6)
  - cms: files: 155 (-1), tuples: 3408 (+0)
  - conf: files: 231 (-11), tuples: 4668 (+3)
  - crl: files: 905 (+188), tuples: 22876 (+4096)
  - ct: files: 117 (+35), tuples: 3557 (+908)
  - x509: files: 920, tuples: 28334
  Note that tuple count depends on the binary and is random.
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>