diff options
| author | Ben Laurie <ben@links.org> | 2016-03-26 18:19:14 +0100 |
|---|---|---|
| committer | Ben Laurie <ben@links.org> | 2016-05-07 19:13:54 +0200 |
| commit | c38bb72797916f2a0ab9906aad29162ca8d53546 (patch) | |
| tree | e3df72e2e4c4d14a822cd0a3101d005a8923a929 /fuzz/asn1.c | |
| parent | Constify PKCS12_newpass() (diff) | |
| download | openssl-c38bb72797916f2a0ab9906aad29162ca8d53546.tar.xz openssl-c38bb72797916f2a0ab9906aad29162ca8d53546.zip | |
Add fuzzing!
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Diffstat (limited to 'fuzz/asn1.c')
| -rw-r--r-- | fuzz/asn1.c | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/fuzz/asn1.c b/fuzz/asn1.c new file mode 100644 index 0000000000..fc129a86b0 --- /dev/null +++ b/fuzz/asn1.c @@ -0,0 +1,86 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +/* + * Fuzz ASN.1 parsing for various data structures. Specify which on the + * command line: + * + * asn1 <data structure> + */ + +#include <stdio.h> +#include <string.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/ec.h> +#include <openssl/ocsp.h> +#include <openssl/pkcs12.h> +#include <openssl/ts.h> +#include <openssl/x509v3.h> +#include "fuzzer.h" + +static const ASN1_ITEM *item_type; + +int LLVMFuzzerInitialize(int *argc, char ***argv) { + const char *cmd; + OPENSSL_assert(*argc > 1); + + cmd = (*argv)[1]; + (*argv)[1] = (*argv)[0]; + ++*argv; + --*argc; + + // TODO: make this work like d2i_test.c does, once its decided what the + // common scheme is! +#define Y(t) if (!strcmp(cmd, #t)) item_type = ASN1_ITEM_rptr(t) +#define X(t) else Y(t) + + Y(ASN1_SEQUENCE); + X(AUTHORITY_INFO_ACCESS); + X(BIGNUM); + X(ECPARAMETERS); + X(ECPKPARAMETERS); + X(GENERAL_NAME); + X(GENERAL_SUBTREE); + X(NAME_CONSTRAINTS); + X(OCSP_BASICRESP); + X(OCSP_RESPONSE); + X(PKCS12); + X(PKCS12_AUTHSAFES); + X(PKCS12_SAFEBAGS); + X(PKCS7); + X(PKCS7_ATTR_SIGN); + X(PKCS7_ATTR_VERIFY); + X(PKCS7_DIGEST); + X(PKCS7_ENC_CONTENT); + X(PKCS7_ENCRYPT); + X(PKCS7_ENVELOPE); + X(PKCS7_RECIP_INFO); + X(PKCS7_SIGN_ENVELOPE); + X(PKCS7_SIGNED); + X(PKCS7_SIGNER_INFO); + X(POLICY_CONSTRAINTS); + X(POLICY_MAPPINGS); + X(SXNET); + //X(TS_RESP); want to do this, but type is hidden, however d2i exists... + X(X509); + X(X509_CRL); + else + OPENSSL_assert(!"Bad type"); + + return 0; +} + +int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { + const uint8_t *b = buf; + ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, item_type); + ASN1_item_free(o, item_type); + return 0; +} |