aboutsummaryrefslogtreecommitdiffstats
path: root/fuzz
Commit message (Collapse)AuthorAgeFilesLines
* Copyright year updatesMatt Caswell2023-09-073-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* Update fuzz corpora to latest commitKurt Roeckx2023-09-051-0/+0
| | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21927)
* Update X509 fuzzer to verify a chainKurt Roeckx2023-09-012-13/+122
| | | | | | | | | | | | | It add supports for verifying that it's been signed by a CA, and checks the CRL and OCSP status Can find CVE-2022-4203 and CVE-2023-0286 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20243)
* fix: add fuzz oidsJonathan M. Wilbur2023-06-291-0/+25
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21232)
* Add decoder fuzzerKurt Roeckx2023-06-232-2/+96
| | | | | | | | This found CVE-2023-0217 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20269)
* Update fuzz/corpora submodule to latest dataTomas Mraz2023-06-021-0/+0
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21118)
* Add PEM fuzzerKurt Roeckx2023-06-012-2/+69
| | | | | | | | This fuzzer can find CVE-2022-4450 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20242)
* Adding some selected MS OIDs for #19630 added ms-corp alias for OID ↵Dragan Zuvic2023-05-221-1/+5
| | | | | | | | | | | | | 1.3.6.1.4.1.311 and changed hopefully all occurences for that OID Signed-off-by: Dragan Zuvic <dragan.zuvic@mercedes-benz.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20986)
* Update the corpora submoduleMatt Caswell2023-05-081-0/+0
| | | | | | | | | | We update the corpora submodule to include a fuzz testcase for the conf timeout. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20839)
* Update the corporaMatt Caswell2023-05-011-0/+0
| | | | | | | | | Updated the fuzz corpora to include a testcase for the zero length handshake fragment records issue fixed by the previous commit. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20824)
* Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arraysIrak Rigia2023-04-211-2/+2
| | | | | | | | | Fixes #20710 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20745)
* Add openssl/fuzz-corpora repository as submoduleTomas Mraz2023-04-111-0/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Remove fuzz corpora data from the repositoryTomas Mraz2023-04-1119718-20041/+0
| | | | | | | | To be replaced with a git submodule. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Add fuzz test for v3nameHardik Shah2023-03-013-0/+54
| | | | | | | | | | | | v3name_fuzzer build modifications create 99-test_fuzz_v3name_fuzzer.t test corpus for cve-2023-0286 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20274)
* Added a fuzzer for SMIMEAlex Gaynor2023-02-273-2/+150
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20332)
* obj: Add SM4 XTS OIDXu Yizhou2022-11-291-0/+1
| | | | | | | | | | Add the following OID: SM4-XTS: 1.2.156.10197.1.104.10 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19619)
* Use <openssl/e_os2.h> rather than <stdint.h>Richard Levitte2022-11-171-2/+2
| | | | | | | | | <stdint.h> is C99, which means that on older compiler, it can't be included. We have code in <openssl/e_os2.h> that compensates. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19697)
* fuzz: add punycode decoder fuzz testPauli2022-11-115-0/+55
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19591)
* Add Content Type OID for RPKI id-ct-signedTALJob Snijders2022-10-031-0/+1
| | | | | | | | | | | | | | References: draft-ietf-sidrops-signed-tal Title: "RPKI Signed Object for Trust Anchor Key" OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19221)
* Allow PKCS12 export to set arbitrary bag attributesGraham Woodward2022-09-231-0/+2
| | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19025)
* Add support for PBE using hmacWithSM3K12022-09-151-0/+1
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19204)
* Objects: Add OIDs needed for CAdES-ProcessingLutz Jaenicke2022-06-281-0/+20
| | | | | | | | | Add objects from ETSI-specification(s) used in CAdES processing. Main document referenced is ETSI EN 319 122-1 V1.2.1. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18655)
* fuzz/asn1.c: Add check for ASN1_item_i2dJiasheng Jiang2022-06-281-2/+3
| | | | | | | | | | | As the potential failure of the ASN1_item_i2d, it should be better to check the return value. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18647)
* objects.txt: Add newly registered OIDs according to CMP Updates, for use in ↵Dr. David von Oheimb2022-05-041-0/+10
| | | | | | | | | extended CMPv2 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/15778)
* Update copyright yearMatt Caswell2022-05-033-3/+3
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* check return value of functions that call BIO_new()tangyiqun2022-03-161-1/+12
| | | | | | | Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17850)
* fuzz/fuzz_rand.c: Add check for OSSL_LIB_CTX_newJiasheng Jiang2022-02-281-0/+2
| | | | | | | | | | | | | As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new() could return NULL. Therefore, it should be better to check it and return error if fails in order to guarantee the success of the initialization. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17738)
* fuzz/asn1.c: Add missing check for BIO_newJiasheng Jiang2022-02-201-9/+16
| | | | | | | | | | | | Since the BIO_new may fail, the 'bio' could be NULL pointer and be used. Therefore, it should be better to check it and skip the print if fails. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17690)
* Update troublesome copyright years of auto-generated files to 2022Dr. David von Oheimb2022-01-031-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17398)
* Add OID for RPKI id-ct-ASPAJob Snijders2021-11-111-0/+1
| | | | | | | | | | | | | | | References: draft-ietf-sidrops-aspa-profile "A Profile for Autonomous System Provider Authorization" (ASPA) OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17002)
* obj: Add SM4 GCM/CCM OIDTianjia Zhang2021-10-051-0/+2
| | | | | | | | | | | | | | Add the following OID: SM4-GCM: 1.2.156.10197.1.104.8 SM4-CCM: 1.2.156.10197.1.104.9 Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16731)
* increase x509 code coverage metricsTavis Ormandy2021-09-2338-0/+0
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16651)
* Fix the error handling in i2v_AUTHORITY_KEYIDMatt Caswell2021-08-241-0/+0
| | | | | | | | Previously if an error path is entered a leak could result. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David Benjamin <davidben@google.com>
* Update copyright yearMatt Caswell2021-06-171-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
* fuzz/asn1parse.c: Clean up non-portable code and catch malloc failureDr. David von Oheimb2021-06-151-2/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15722)
* fuzz/asn1parse: Use BIO_s_mem() as fallback outputTomas Mraz2021-06-111-0/+2
| | | | | | | /dev/null is not available everywhere. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15672)
* fuzz: remove TODOsPauli2021-06-022-10/+0
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
* Use "" for include internal/xxxRich Salz2021-05-271-1/+1
| | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15468)
* Add OID for RPKI id-ct-signedChecklistJob Snijders2021-05-121-0/+1
| | | | | | | | | | | | | | | References: draft-ietf-sidrops-rpki-rsc - Resource Public Key Infrastructure (RPKI) object profile for Signed Checklist (RSC) OID listed under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 CLA: Trivial Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15207)
* Add a local perl module to get year last changedRich Salz2021-03-312-4/+25
| | | | | | | | | | | This is used for generating a more-correct copyright statement for the "build_generated" targets. Fixes: #13765 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13791)
* Update copyright yearMatt Caswell2021-03-113-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
* prov: update rand implementations to have a params argument for the ↵Pauli2021-02-281-1/+2
| | | | | | | instantiate call Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
* fuzzer: add ctx gettable/settable to the fuzzer RNGPauli2021-02-261-1/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14240)
* RAND_METHOD deprecation: fuzzerPauli2021-02-238-25/+187
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
* RAND_METHOD deprecation: documentationPauli2021-02-231-40/+0
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
* Update copyright yearMatt Caswell2021-02-181-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
* Test that X509_issuer_and_serial_hash doesn't crashMatt Caswell2021-02-162-0/+2
| | | | | | | | Provide a certificate with a bad issuer and check that X509_issuer_and_serial_hash doesn't crash. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
* Add OID for draft-ietf-opsawg-finding-geofeeds detached CMS signatureJob Snijders2021-02-121-0/+1
| | | | | | | | | | RFC 8805 Geofeed files can be authenticated with RPKI CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14050)
* Add some PKIX-RPKI objectsJob Snijders2021-02-021-0/+12
| | | | | | | | | | | | | | | | | References: RFC6482 - A Profile for Route Origin Authorizations (ROAs) RFC6484 - Certificate Policy (CP) for the RPKI RFC6493 - The RPKI Ghostbusters Record RFC8182 - The RPKI Repository Delta Protocol (RRDP) RFC8360 - RPKI Validation Reconsidered draft-ietf-sidrops-rpki-rta - A profile for RTAs CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13948)
* Update copyright yearRichard Levitte2021-01-282-2/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-19 09:17:50 +0000