summaryrefslogtreecommitdiff
path: root/fuzz/corpora
Commit message (Collapse)AuthorAgeFilesLines
* Update the corpora submoduleMatt Caswell2023-05-081-0/+0
| | | | | | | | | | We update the corpora submodule to include a fuzz testcase for the conf timeout. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20839)
* Update the corporaMatt Caswell2023-05-011-0/+0
| | | | | | | | | Updated the fuzz corpora to include a testcase for the zero length handshake fragment records issue fixed by the previous commit. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20824)
* Add openssl/fuzz-corpora repository as submoduleTomas Mraz2023-04-111-0/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Remove fuzz corpora data from the repositoryTomas Mraz2023-04-1119718-20041/+0
| | | | | | | | To be replaced with a git submodule. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20683)
* Add fuzz test for v3nameHardik Shah2023-03-011-0/+0
| | | | | | | | | | | | v3name_fuzzer build modifications create 99-test_fuzz_v3name_fuzzer.t test corpus for cve-2023-0286 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20274)
* Added a fuzzer for SMIMEAlex Gaynor2023-02-271-0/+91
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20332)
* fuzz: add punycode decoder fuzz testPauli2022-11-112-0/+0
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19591)
* increase x509 code coverage metricsTavis Ormandy2021-09-2338-0/+0
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16651)
* Fix the error handling in i2v_AUTHORITY_KEYIDMatt Caswell2021-08-241-0/+0
| | | | | | | | Previously if an error path is entered a leak could result. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David Benjamin <davidben@google.com>
* Test that X509_issuer_and_serial_hash doesn't crashMatt Caswell2021-02-161-0/+0
| | | | | | | | Provide a certificate with a bad issuer and check that X509_issuer_and_serial_hash doesn't crash. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
* Don't Overflow when printing Thawte Strong Extranet VersionMatt Caswell2020-12-021-0/+0
| | | | | | | | | | | When printing human readable info on the Thawte Strong Extranet extension the version number could overflow if the version number == LONG_MAX. This is undefined behaviour. Issue found by OSSFuzz. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/13452)
* Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/Dr. David von Oheimb2020-04-184564-0/+51
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11386)
* Don't assume the type we read was the type we expectedMatt Caswell2019-11-041-0/+0
| | | | | | | | | | | | | | | i2v_GENERAL_NAME and GENERAL_NAME_print were assuming that the type of of a GENERAL_NAME (OTHERNAME) that we read in was the type we expected it to be. If its something else then this can cause unexpected behaviour. In the added fuzz test case an OOB read was occurring. This issue was recently added by commit 4baee2d. Credit to OSSFuzz for finding this issue. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10300)
* Update fuzz corporaKurt Roeckx2018-08-2327437-7611/+19285
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #7033
* Add fuzz corpora file that found the ASN.1 stack depth issueMatt Caswell2018-03-271-0/+0
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Update asn1 and x509 corporaKurt Roeckx2017-11-037760-166/+124
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4653
* Update fuzz corporaKurt Roeckx2017-07-0222495-2943/+7089
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #3829
* Fix out-of-memory condition in confMatt Caswell2017-03-121-0/+41
| | | | | | | | | | | | conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2894)
* Update client, server and x509 fuzz corpusKurt Roeckx2017-02-216183-6/+3
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2682
* Update client and server corpusKurt Roeckx2017-01-294777-0/+1
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2318
* Update fuzz corporaKurt Roeckx2017-01-068085-237/+216
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* Update fuzz corporaKurt Roeckx2016-12-192442-0/+0
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #2090
* Update client fuzz corpusKurt Roeckx2016-12-09310-0/+0
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2060
* Update client fuzzer corpusKurt Roeckx2016-12-091427-1/+0
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2053
* Fuzz corpora updateKurt Roeckx2016-12-089069-1247/+3758
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2041
* Update fuzz corporaKurt Roeckx2016-11-123895-654/+374
| | | | | | | | New minimal fuzz corpora set Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #1910
* Update fuzz corporaKurt Roeckx2016-10-102325-124/+59
| | | | | | | | New minimal fuzz corpora for asn1, asn1parse, bndiv, crl and x509 Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #1678
* Add to fuzz corpora for CVE-2016-6309Robert Swiecki2016-09-263-0/+0
| | | | | Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Update fuzz corporaKurt Roeckx2016-08-234156-608/+568
| | | | | | | | | | | | | | | | | | This is a new minimal corpus with the following changes: - asn1: files: 1135 (+474), tuples: 27236 (+7496) - asn1parse: files: 305 (-3), tuples: 8758 (+11) - bignum: files: 370 (-1), tuples: 9547 (+10) - bndiv: files: 160 (+0), tuples: 2416 (+6) - cms: files: 155 (-1), tuples: 3408 (+0) - conf: files: 231 (-11), tuples: 4668 (+3) - crl: files: 905 (+188), tuples: 22876 (+4096) - ct: files: 117 (+35), tuples: 3557 (+908) - x509: files: 920, tuples: 28334 Note that tuple count depends on the binary and is random. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add x509 and crl corporaKurt Roeckx2016-06-25717-0/+14
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1229
* Update fuzz corporaKurt Roeckx2016-06-23580-96/+106
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #2986
* Update fuzz corporaKurt Roeckx2016-06-143352-356/+1937
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #2949
* Add fuzz corpora.Ben Laurie2016-06-101464-0/+373
Reviewed-by: Richard Levitte <levitte@openssl.org>