Age | Commit message (Collapse) | Author |
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4367)
|
|
Use the defined typechecking stack method to sort the compression methods stack
rather than using the generic function and apply type casts.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4382)
|
|
CLA: trivial
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4119)
|
|
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4141)
|
|
Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing code install its own RAND_METHOD that does this. For
BN_RAND_DEBUG, we just don't do it; that debugging was about mucking
with BN's internal representation, not requiring predictable rand
bytes.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4025)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #3829
|
|
Approach was opportunistic in Windows context from its inception
and on top of that it was proven to be error-prone at link stage.
Correct answer is to introduce library-specific time function that
we can control in platform-neutral manner. Meanwhile we just let
be attempts to override time on Windows.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3320)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3248)
|
|
This adds a way to use the last byte of the buffer to change the
behavior of the server. The last byte is used so that the existing
corpus can be reused either without changing it, or just adding a single
byte, and that it can still be used by other projects.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Don't compile code that still uses LONG when it's deprecated
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)
|
|
Document thread-safety issues
Have RSA_null return NULL (always fails)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2244)
|
|
conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.
Credit to OSS-Fuzz for finding this problem.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2682
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2318
|
|
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2192)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2182
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2182
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2182
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2182
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2182
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #2090
|
|
Also send a SNI extension in the client so the fuzzer can react to it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
|
|
We use those parameters for calculating the coverage.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2060
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2053
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2041
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2041
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2041
|
|
We want to be in the same global state each time we come in
FuzzerTestOneInput(). There are various reasons why we might not be that
include:
- Initialization that happens on first use. This is mostly the
RUN_ONCE() things, or loading of error strings.
- Results that get cached. For instance a stack that is sorted, RSA
blinding that has been set up, ...
So I try to trigger as much as possible in FuzzerInitialize(), and for
things I didn't find out how to trigger this it needs to happen in
FuzzerTestOneInput().
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
This is something you might want to change depending on the version to
use, there is no point in us fixing this to something.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
This allows to free everything we allocated, so we can detect memory
leaks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
There was a time it could be NULL, but that was changed to always have it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
New minimal fuzz corpora set
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #1910
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1828
|
|
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1801)
|
|
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1788
|
|
New minimal fuzz corpora for asn1, asn1parse, bndiv, crl and x509
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #1678
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
This is a new minimal corpus with the following changes:
- asn1: files: 1135 (+474), tuples: 27236 (+7496)
- asn1parse: files: 305 (-3), tuples: 8758 (+11)
- bignum: files: 370 (-1), tuples: 9547 (+10)
- bndiv: files: 160 (+0), tuples: 2416 (+6)
- cms: files: 155 (-1), tuples: 3408 (+0)
- conf: files: 231 (-11), tuples: 4668 (+3)
- crl: files: 905 (+188), tuples: 22876 (+4096)
- ct: files: 117 (+35), tuples: 3557 (+908)
- x509: files: 920, tuples: 28334
Note that tuple count depends on the binary and is random.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|