summaryrefslogtreecommitdiff
path: root/fuzz
Commit message (Collapse)AuthorAgeFilesLines
* pkcs12: do not go try calculating pbkdf2 with 0 iterationsDmitry Baryshkov2020-01-281-0/+0
| | | | | | | Nettle will abort on a call to pbkdf2 if iterations is 0. Add check to GnuTLS PKCS12 GOST code to check that iter is not 0. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* fuzz: fixed Ed448 fuzzer tracesNikos Mavrogiannopoulos2020-01-254-2/+2
| | | | | | | | | The fuzzer files for ed448 were the reverse for client and server. Enhanced the fuzzer tools to run a single fuzzer, and added more clear documentation on how to generate and manually test the fuzzer outputs. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* README-adding-traces.md: updated with more precise informationNikos Mavrogiannopoulos2020-01-251-0/+17
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzzers: added ed448 keysNikos Mavrogiannopoulos2020-01-256-14/+103
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzzers: when provided with a parameter they will run on a single fileNikos Mavrogiannopoulos2020-01-251-25/+39
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-ed448' into 'master'Daiki Ueno2020-01-244-0/+0
|\ | | | | | | | | algorithms: implement X448 key exchange and Ed448 signature scheme See merge request gnutls/gnutls!984
| * fuzz: import key, certificate, and traces using Ed448tmp-ed448Daiki Ueno2020-01-234-0/+0
| | | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | fuzz in gost pkcs7/8/12 filesDmitry Baryshkov2020-01-2037-0/+0
|/ | | | | | | Add several examples of PKCS#7/#8/#12 files using GOST keys, ciphers and digest functions. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* Merge branch 'tmp-check-dup-extensions' into 'master'Nikos Mavrogiannopoulos2020-01-091-0/+7
|\ | | | | | | | | | | | | x509: reject certificates having duplicate extensions Closes #887 See merge request gnutls/gnutls!1145
| * fuzz: import certificate with and without sanity checksNikos Mavrogiannopoulos2020-01-031-0/+7
| | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Fix '-Werror=unused-const-variable=' in fuzz/Tim Rühsen2020-01-032-0/+14
|/ | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Sync with fuzzers from OSS-FuzzTim Rühsen2019-12-18832-1500/+0
| | | | | | | Only lots of corpora removed (by merge step). Not sure why. But there are several new UBs detected. Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Amend fuzz scripts and README for clang-8Tim Rühsen2019-12-182-6/+7
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Add fuzz corpora for gnutls_ext_raw_parse_fuzzerTim Rühsen2019-12-184-0/+0
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* fuzzer: added fuzzer for gnutls_ext_raw_parse()Nikos Mavrogiannopoulos2019-12-1832-23/+77
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Added initial corpora for rawpk client and server fuzzers.Tom Vrancken2019-09-022-0/+0
| | | | Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Implemented server rawpk fuzzer.Tom Vrancken2019-09-022-0/+106
| | | | Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Implemented client rawpk fuzzer.Tom Vrancken2019-09-023-0/+175
| | | | Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* encode_ber_digest_info: added sanity checkNikos Mavrogiannopoulos2019-07-081-0/+0
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: improvements in gnutls_x509_verify_fuzzer [ci skip]Nikos Mavrogiannopoulos2019-03-29431-4/+68
| | | | | | | Added a larger set of corpus (generated with afl-fuzz), and made sure that the fuzzer application crashes if verification succeeds. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: added fuzzer for certificate verificationNikos Mavrogiannopoulos2019-03-275-0/+204
| | | | | | | | This also adds a reproducer for CVE-2019-3829. Resolves: #694 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Use https:// for arbitrary files #1Tim Rühsen2019-03-1315-15/+15
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Use https:// for www.gnu.org and www.example.comTim Rühsen2019-03-131-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* .gitlab-ci.yml: added thread sanitizer runtmp-false-start-clarificationsNikos Mavrogiannopoulos2019-03-021-1/+0
| | | | | | | This checks for unsafe uses of variables in our included threaded tests. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Fetch OSS-Fuzz corpora much faster [skip ci]tmp-fetch-fuzz-corpora-fasterTim Rühsen2019-02-053-9/+35
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Fix OSS-Fuzz buildtmp-fix-ossfuzzTim Rühsen2018-12-291-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* fuzz: updated traces for final TLS1.3 versionNikos Mavrogiannopoulos2018-08-206-0/+0
| | | | | | Resolves #359 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: updated traces for latest TLS1.3 draftNikos Mavrogiannopoulos2018-07-277-0/+26
| | | | | | Relates #359 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Fix test code for -WerrorTim Rühsen2018-06-211-0/+4
|
* Remove oss-fuzz copora from tarballTim Rühsen2018-06-202-11/+38
| | | | | | The size of the corpora is huge and not needed for normal builds. This patch also fixes test run issues on Windows.
* fuzzer: added fresh TLS1.3 server traceNikos Mavrogiannopoulos2018-05-051-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: corrected TLS1.3 enablement [ci skip]Nikos Mavrogiannopoulos2018-04-225-4/+7
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tls13/finished: addressed memory leak in receiving finished packetNikos Mavrogiannopoulos2018-04-171-0/+0
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7518 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* ext/psk_ke_modes: corrected data accessNikos Mavrogiannopoulos2018-04-071-0/+0
| | | | | | | | | That also improves the if-checks. Issue and reproducer discovered via oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7470 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: added client and server traces for TLS 1.3 draft-26 [ci skip]Nikos Mavrogiannopoulos2018-04-076-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: added PSK traces with TLS1.3Nikos Mavrogiannopoulos2018-04-066-2/+2
| | | | | | Relates: #359 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: moved invalid-cert reproducer into fuzz/ reproducersNikos Mavrogiannopoulos2018-03-191-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Improve fuzzer coverage report creationTim Rühsen2018-03-043-14/+22
|
* Update oss-fuzz corporaTim Rühsen2018-02-272919-272/+3247
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* fuzz: added TLS1.3 client and server traces [ci skip]tmp-extend-fuzzer-with-tls13-traceNikos Mavrogiannopoulos2018-02-212-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: enable fuzzer target in afl examples and add missing script [ci skip]Nikos Mavrogiannopoulos2018-02-212-2/+51
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: fixes in README file [ci skip]Nikos Mavrogiannopoulos2018-02-211-5/+16
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: enable TLS1.3 in server and client fuzzersNikos Mavrogiannopoulos2018-02-192-2/+4
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: added reproducer for leak in gnutls_x509_crl_list_importtmp-mem-leakNikos Mavrogiannopoulos2018-01-101-0/+1
| | | | | | | That was detected by oss-fuzz in: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4930 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_pkcs12_key_parser_fuzzer.in: added reproducer for oss-fuzz #4890Nikos Mavrogiannopoulos2018-01-091-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: srp-client: decreased acceptable prime bits to 1024 [ci skip]Nikos Mavrogiannopoulos2017-11-211-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* fuzz: srp-client: restrict prime bits to 1537 [ci skip]Nikos Mavrogiannopoulos2017-11-201-0/+1
| | | | | | | That avoids timeouts in the oss-fuzz infrastructure: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3277 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_ext_import_proxy: corrected memory leakNikos Mavrogiannopoulos2017-11-151-0/+0
| | | | | | | | | Also added reproducer for the memory leak found. Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3159 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Use $(LIBDL) instead of hardcoding -ldl.Thomas Klausner2017-09-061-1/+1
|
* fuzzer: Enhance code coverage of gnutls_base64_encoder_fuzzerTim Rühsen2017-08-241-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
View Lorry Controller Status