add a fuzzer for private key parsing

Damien Miller 2019-10-09 13:49:35 +11:00
parent cdf1d0a9f5
commit 1ba130ac8f
2 changed files with 26 additions and 1 deletions


@ -7,7 +7,8 @@ CXXFLAGS=-O2 -g -Wall -Wextra -I ../../.. $(FUZZ_FLAGS)
LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS) LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS)
LIBS=-lssh -lopenbsd-compat -lcrypto $(FUZZ_LIBS) LIBS=-lssh -lopenbsd-compat -lcrypto $(FUZZ_LIBS)
TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz sshsigopt_fuzz TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz \
sshsigopt_fuzz privkey_fuzz
all: $(TARGETS) all: $(TARGETS)
@ -29,5 +30,8 @@ sshsig_fuzz: sshsig_fuzz.o
sshsigopt_fuzz: sshsigopt_fuzz.o sshsigopt_fuzz: sshsigopt_fuzz.o
$(CXX) -o $@ sshsigopt_fuzz.o ../../../sshsig.o $(LDFLAGS) $(LIBS) $(CXX) -o $@ sshsigopt_fuzz.o ../../../sshsig.o $(LDFLAGS) $(LIBS)
privkey_fuzz: privkey_fuzz.o
$(CXX) -o $@ privkey_fuzz.o $(LDFLAGS) $(LIBS)
clean: clean:
-rm -f *.o $(TARGETS) -rm -f *.o $(TARGETS)


@ -0,0 +1,21 @@
#include <stddef.h>
#include <stdio.h>
#include <stdint.h>
extern "C" {
#include "sshkey.h"
#include "sshbuf.h"
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
struct sshkey *k = NULL;
struct sshbuf *b = sshbuf_from(data, size);
int r = sshkey_private_deserialize(b, &k);
if (r == 0) sshkey_free(k);
sshbuf_free(b);
return 0;
}
} // extern
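Review bot: In `LLVMFuzzerTestOneInput` the pointer returned by `sshbuf_from(data, size)` is passed straight to `sshkey_private_deserialize` with no NULL check, so an allocation failure or an oversized input relies on the callee tolerating a NULL buffer; adding `if (b == NULL) return 0;` after the `sshbuf_from` line removes that dependency. The harness also has no header comment saying which encoding it feeds. `sshkey_private_deserialize` appears to take the serialized wire form rather than a private key file, so a comment such as `/* Input: output of sshkey_private_serialize(), not a key file */` would tell whoever builds the seed corpus what to put in it; confirm this against sshkey.h. `<stdio.h>` is not used by anything in the file and can be dropped.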