diff options
-rw-r--r-- | fuzz/asn1parse.c | 5 | ||||
-rw-r--r-- | fuzz/bndiv.c | 5 | ||||
-rw-r--r-- | fuzz/cms.c | 5 | ||||
-rw-r--r-- | fuzz/conf.c | 4 | ||||
-rw-r--r-- | fuzz/crl.c | 6 | ||||
-rw-r--r-- | fuzz/ct.c | 5 | ||||
-rw-r--r-- | fuzz/server.c | 73 | ||||
-rw-r--r-- | fuzz/x509.c | 5 |
8 files changed, 81 insertions, 27 deletions
diff --git a/fuzz/asn1parse.c b/fuzz/asn1parse.c index 3e11d350c1..cf5ef72a13 100644 --- a/fuzz/asn1parse.c +++ b/fuzz/asn1parse.c @@ -16,6 +16,7 @@ #include <openssl/asn1.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#include <openssl/err.h> #include "fuzzer.h" static BIO *bio_out; @@ -23,12 +24,16 @@ static BIO *bio_out; int FuzzerInitialize(int *argc, char ***argv) { bio_out = BIO_new_file("/dev/null", "w"); + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } int FuzzerTestOneInput(const uint8_t *buf, size_t len) { (void)ASN1_parse_dump(bio_out, buf, len, 0, 0); + ERR_clear_error(); return 0; } diff --git a/fuzz/bndiv.c b/fuzz/bndiv.c index dd6d9cfafe..30d84482a6 100644 --- a/fuzz/bndiv.c +++ b/fuzz/bndiv.c @@ -15,6 +15,7 @@ #include <stdio.h> #include <openssl/bn.h> +#include <openssl/err.h> #include "fuzzer.h" static BN_CTX *ctx; @@ -33,6 +34,9 @@ int FuzzerInitialize(int *argc, char ***argv) b5 = BN_new(); ctx = BN_CTX_new(); + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + return 1; } @@ -104,6 +108,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) done: OPENSSL_assert(success); + ERR_clear_error(); return 0; } diff --git a/fuzz/cms.c b/fuzz/cms.c index b57a6de96a..959ef9365a 100644 --- a/fuzz/cms.c +++ b/fuzz/cms.c @@ -14,10 +14,14 @@ #include <openssl/bio.h> #include <openssl/cms.h> +#include <openssl/err.h> #include "fuzzer.h" int FuzzerInitialize(int *argc, char ***argv) { + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } @@ -41,6 +45,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) } BIO_free(in); + ERR_clear_error(); return 0; } diff --git a/fuzz/conf.c b/fuzz/conf.c index 27429c570f..87fe857099 100644 --- a/fuzz/conf.c +++ b/fuzz/conf.c @@ -13,10 +13,13 @@ */ #include <openssl/conf.h> +#include <openssl/err.h> #include "fuzzer.h" int FuzzerInitialize(int *argc, char ***argv) { + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); return 1; } @@ -35,6 +38,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) NCONF_load_bio(conf, in, &eline); NCONF_free(conf); BIO_free(in); + ERR_clear_error(); return 0; } diff --git a/fuzz/crl.c b/fuzz/crl.c index decf19e9d3..e4b0192f05 100644 --- a/fuzz/crl.c +++ b/fuzz/crl.c @@ -10,10 +10,14 @@ #include <openssl/x509.h> #include <openssl/bio.h> +#include <openssl/err.h> #include "fuzzer.h" int FuzzerInitialize(int *argc, char ***argv) { + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } @@ -33,6 +37,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) X509_CRL_free(crl); } + ERR_clear_error(); + return 0; } @@ -14,10 +14,14 @@ #include <stdio.h> #include <openssl/ct.h> +#include <openssl/err.h> #include "fuzzer.h" int FuzzerInitialize(int *argc, char ***argv) { + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + CRYPTO_free_ex_index(0, -1); + ERR_get_state(); return 1; } @@ -38,6 +42,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) SCT_LIST_free(scts); } + ERR_clear_error(); return 0; } diff --git a/fuzz/server.c b/fuzz/server.c index 4f2c794a4c..3b5df9dc42 100644 --- a/fuzz/server.c +++ b/fuzz/server.c @@ -16,6 +16,7 @@ #include <openssl/rand.h> #include <openssl/ssl.h> #include <openssl/rsa.h> +#include <openssl/err.h> #include "fuzzer.h" static const uint8_t kCertificateDER[] = { @@ -189,34 +190,29 @@ static const uint8_t kRSAPrivateKeyDER[] = { 0x98, 0x46, 0x89, 0x82, 0x40, }; -static SSL_CTX *ctx; - #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION extern int rand_predictable; #endif +#define ENTROPY_NEEDED 32 + +/* unused, to avoid warning. */ +static int idx; int FuzzerInitialize(int *argc, char ***argv) { - const uint8_t *bufp = kRSAPrivateKeyDER; - RSA *privkey; - EVP_PKEY *pkey; - int ret; - X509 *cert; + STACK_OF(SSL_COMP) *comp_methods; + + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); + idx = SSL_get_ex_data_X509_STORE_CTX_idx(); + RAND_add("", 1, ENTROPY_NEEDED); + RAND_status(); + RSA_get_default_method(); + comp_methods = SSL_COMP_get_compression_methods(); + OPENSSL_sk_sort((OPENSSL_STACK *)comp_methods); - ctx = SSL_CTX_new(SSLv23_method()); - privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER)); - OPENSSL_assert(privkey != NULL); - pkey = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(pkey, privkey); - ret = SSL_CTX_use_PrivateKey(ctx, pkey); - OPENSSL_assert(ret == 1); - EVP_PKEY_free(pkey); - bufp = kCertificateDER; - cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER)); - OPENSSL_assert(cert != NULL); - ret = SSL_CTX_use_certificate(ctx, cert); - OPENSSL_assert(ret == 1); - X509_free(cert); #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION rand_predictable = 1; @@ -230,16 +226,37 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) SSL *server; BIO *in; BIO *out; - if (!len) { + SSL_CTX *ctx; + int ret; + RSA *privkey; + const uint8_t *bufp = kRSAPrivateKeyDER; + EVP_PKEY *pkey; + X509 *cert; + + if (len == 0) return 0; - } - /* TODO: make this work for OpenSSL. There's a PREDICT define that may do - * the job. + + /* * TODO: use the ossltest engine (optionally?) to disable crypto checks. - * RAND_reset_for_fuzzing(); */ /* This only fuzzes the initial flow from the client so far. */ + ctx = SSL_CTX_new(SSLv23_method()); + privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER)); + OPENSSL_assert(privkey != NULL); + pkey = EVP_PKEY_new(); + EVP_PKEY_assign_RSA(pkey, privkey); + ret = SSL_CTX_use_PrivateKey(ctx, pkey); + OPENSSL_assert(ret == 1); + EVP_PKEY_free(pkey); + + bufp = kCertificateDER; + cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER)); + OPENSSL_assert(cert != NULL); + ret = SSL_CTX_use_certificate(ctx, cert); + OPENSSL_assert(ret == 1); + X509_free(cert); + server = SSL_new(ctx); in = BIO_new(BIO_s_mem()); out = BIO_new(BIO_s_mem()); @@ -256,10 +273,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) } } SSL_free(server); + ERR_clear_error(); + SSL_CTX_free(ctx); + return 0; } void FuzzerCleanup(void) { - SSL_CTX_free(ctx); } diff --git a/fuzz/x509.c b/fuzz/x509.c index 78fef6c3ff..8d383e4aba 100644 --- a/fuzz/x509.c +++ b/fuzz/x509.c @@ -10,10 +10,14 @@ #include <openssl/x509.h> #include <openssl/bio.h> +#include <openssl/err.h> #include "fuzzer.h" int FuzzerInitialize(int *argc, char ***argv) { + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } @@ -34,6 +38,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) X509_free(x509); } + ERR_clear_error(); return 0; } |