Commit graph

34 commits

Author SHA1 Message Date
Robert Swiecki
44f206aa9d Add to fuzz corpora for CVE-2016-6309
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-09-26 08:52:48 +01:00
Kurt Roeckx
5579eab9ef Update fuzz corpora
This is a new minimal corpus with the following changes:
- asn1: files: 1135 (+474), tuples: 27236 (+7496)
- asn1parse: files: 305 (-3), tuples: 8758 (+11)
- bignum: files: 370 (-1), tuples: 9547 (+10)
- bndiv: files: 160 (+0), tuples: 2416 (+6)
- cms: files: 155 (-1), tuples: 3408 (+0)
- conf: files: 231 (-11), tuples: 4668 (+3)
- crl: files: 905 (+188), tuples: 22876 (+4096)
- ct: files: 117 (+35), tuples: 3557 (+908)
- x509: files: 920, tuples: 28334

Note that tuple count depends on the binary and is random.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23 20:01:54 +01:00
Matt Caswell
255af26c5d Some minor tweaks to the fuzzing docs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 22:07:04 +01:00
Ben Laurie
68e71e9d00 Include what we use.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 11:30:33 +01:00
Ben Laurie
620c6ad312 Fix various no-*s.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 11:30:33 +01:00
Kurt Roeckx
abdb0c7b4e Skip non-existing files.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1324
2016-07-26 21:01:05 +02:00
Matt Caswell
49dadc1cb7 Fix no-ct
Ensure that we don't build/run the ct fuzzing code if no-ct is used.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:18:14 +01:00
Kurt Roeckx
2980ae2e78 Add all publicly avaiable asn1 types to the asn1 fuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1331
2016-07-20 19:25:16 +02:00
Matt Caswell
df0aa7770e Fix building with no-cms
The new fuzzing code broke no-cms

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 14:01:33 +01:00
Richard Levitte
7218ae5134 Use _NO_INST in some build.info files
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 20:49:54 +02:00
Matt Caswell
33e49fda96 Fix strict-warnings build
The i2d_SCT_LIST function is declared as __owur, therefore we need to check
the result or a --strict-warnings build will fail.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 10:28:45 +01:00
Kurt Roeckx
e10aeee104 fuzzers: print and convert it back
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1323
2016-07-16 21:51:53 +02:00
Richard Levitte
878f42251b Make fuzzer and fuzz tester builds less magic
Instead of having fuzz/build.info.fuzz magically and conditionally
included along with the other build.info files, incorporate it in
fuzz/build.info and add the conditions there instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-16 19:37:50 +02:00
Viktor Dukhovni
1d03b7b893 Don't rely on implicit rsa.h inclusion
With no-deprecated, some nested includes don't happen by default.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-10 21:09:38 -04:00
Rich Salz
d20841c414 Add OPENSSL_NO_EC wrapper
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-06 09:48:00 -04:00
Rich Salz
31b15b9b55 Update fuzz/README.md
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-04 09:47:27 -04:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:36:08 +02:00
Dr. Stephen Henson
352dbbaf4c fix 'set but not used' warning
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 16:05:37 +01:00
Kurt Roeckx
a05b0bcf87 Re-add x509 and crl fuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1276
2016-07-01 17:02:33 +02:00
Ben Laurie
90d28f0519 Run the fuzzing corpora as tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 13:45:45 +01:00
Alex Gaynor
03cb37acec Add comment about X509_print
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Kasper <emilia@openssl.org>

GH: #1255
2016-06-28 18:30:41 +02:00
Kurt Roeckx
f08c8c1a19 Add x509 and crl corpora
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1229
2016-06-25 11:01:29 +02:00
Kurt Roeckx
e1859d8d54 Add X509 and CRL fuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1229
2016-06-25 11:01:29 +02:00
Kurt Roeckx
d0ba3119de Update fuzz corpora
Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2986
2016-06-23 15:13:32 +02:00
Kurt Roeckx
2dca984bab Update fuzz corpora
Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2949
2016-06-14 19:30:41 +02:00
Kurt Roeckx
0a3206539a include stdlib for malloc() and free()
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1174
2016-06-11 16:43:49 +02:00
Ben Laurie
ff2c608bf6 Add fuzz corpora.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-10 13:00:31 +01:00
Kurt Roeckx
f59d0131cb Add support for fuzzing with AFL
Reviewed-by: Ben Laurie <ben@links.org>

MR: #2740
2016-06-04 14:39:24 +02:00
Ben Laurie
4a2c4c1ab8 Add ct fuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:24:51 +01:00
Ben Laurie
75a112295d Linkify libfuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:24:51 +01:00
Ben Laurie
e298cb10fe Fuzz everything with every input.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:24:51 +01:00
Ben Laurie
e78fadede2 Sort.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:24:51 +01:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
Ben Laurie
c38bb72797 Add fuzzing!
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-07 18:13:54 +01:00