diff options
author | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2017-01-20 12:33:54 +0100 |
---|---|---|
committer | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2017-01-20 12:33:54 +0100 |
commit | 1094c84f2967a6dd16debdaca90c33782c291596 (patch) | |
tree | 69f597cfbcdde9ec17f9aa2f27867bd8c9e48240 | |
parent | da542a6265706007560bca0f77714feabc0c230c (diff) | |
download | nss-hg-1094c84f2967a6dd16debdaca90c33782c291596.tar.gz |
Bug 1332638 - fuzz PK11_Hashing, r=ttaubert
Differential Revision: https://nss-review.dev.mozaws.net/D158
-rw-r--r-- | fuzz/cert_target.cc | 1 | ||||
-rw-r--r-- | fuzz/fuzz.gyp | 17 | ||||
-rw-r--r-- | fuzz/hash_target.cc | 42 | ||||
-rw-r--r-- | fuzz/pkcs8_target.cc | 1 | ||||
-rw-r--r-- | fuzz/shared.h | 1 | ||||
-rw-r--r-- | fuzz/spki_target.cc | 1 |
6 files changed, 58 insertions, 5 deletions
diff --git a/fuzz/cert_target.cc b/fuzz/cert_target.cc index e59a3cf60..bcbef0a4e 100644 --- a/fuzz/cert_target.cc +++ b/fuzz/cert_target.cc @@ -3,7 +3,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "FuzzerInternal.h" -#include "FuzzerRandom.h" #include "asn1_mutators.h" #include "shared.h" diff --git a/fuzz/fuzz.gyp b/fuzz/fuzz.gyp index 3e4c62c2b..deb1c6fee 100644 --- a/fuzz/fuzz.gyp +++ b/fuzz/fuzz.gyp @@ -125,13 +125,26 @@ ], }, { + 'target_name': 'nssfuzz-hash', + 'type': 'executable', + 'sources': [ + 'hash_target.cc', + 'initialize.cc', + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports', + 'fuzz_base', + ], + }, + { 'target_name': 'nssfuzz', 'type': 'none', 'dependencies': [ 'nssfuzz-cert', - 'nssfuzz-spki', + 'nssfuzz-hash', 'nssfuzz-pkcs8', - ], + 'nssfuzz-spki', + ] } ], } diff --git a/fuzz/hash_target.cc b/fuzz/hash_target.cc new file mode 100644 index 000000000..dad89e8e3 --- /dev/null +++ b/fuzz/hash_target.cc @@ -0,0 +1,42 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include <memory> +#include <vector> + +#include "FuzzerInternal.h" +#include "hasht.h" +#include "pk11pub.h" +#include "secoidt.h" +#include "shared.h" + +extern const uint16_t DEFAULT_MAX_LENGTH = 4096U; + +const std::vector<SECOidTag> algos = {SEC_OID_MD5, SEC_OID_SHA1, SEC_OID_SHA256, + SEC_OID_SHA384, SEC_OID_SHA512}; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + uint8_t hashOut[HASH_LENGTH_MAX]; + + static std::unique_ptr<NSSDatabase> db(new NSSDatabase()); + assert(db != nullptr); + + // simple hashing. + for (auto algo : algos) { + assert(PK11_HashBuf(algo, hashOut, data, size) == SECSuccess); + } + + // hashing with context. + for (auto algo : algos) { + unsigned int len = 0; + PK11Context *context = PK11_CreateDigestContext(algo); + assert(context != nullptr); + assert(PK11_DigestBegin(context) == SECSuccess); + assert(PK11_DigestFinal(context, hashOut, &len, HASH_LENGTH_MAX) == + SECSuccess); + PK11_DestroyContext(context, PR_TRUE); + } + + return 0; +} diff --git a/fuzz/pkcs8_target.cc b/fuzz/pkcs8_target.cc index cfc1a9137..04a157a53 100644 --- a/fuzz/pkcs8_target.cc +++ b/fuzz/pkcs8_target.cc @@ -9,7 +9,6 @@ #include "pk11pub.h" #include "FuzzerInternal.h" -#include "FuzzerRandom.h" #include "asn1_mutators.h" #include "assert.h" #include "shared.h" diff --git a/fuzz/shared.h b/fuzz/shared.h index 3aac0d118..69e429824 100644 --- a/fuzz/shared.h +++ b/fuzz/shared.h @@ -7,6 +7,7 @@ #ifndef shared_h__ #define shared_h__ +#include "FuzzerRandom.h" #include "cert.h" #include "nss.h" diff --git a/fuzz/spki_target.cc b/fuzz/spki_target.cc index c91e0d4c7..708ba3bf8 100644 --- a/fuzz/spki_target.cc +++ b/fuzz/spki_target.cc @@ -3,7 +3,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "FuzzerInternal.h" -#include "FuzzerRandom.h" #include "asn1_mutators.h" #include "shared.h" |