[openssh-commits] [openssh] 01/01: unbreak fuzzers for recent security key changes
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Nov 25 21:48:11 AEDT 2019
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 9281d4311b8abc63b88259f354944c53f9b0b3c7
Author: Damien Miller <djm at mindrot.org>
Date: Mon Nov 25 21:47:49 2019 +1100
unbreak fuzzers for recent security key changes
---
regress/misc/fuzz-harness/Makefile | 2 +-
regress/misc/fuzz-harness/sig_fuzz.cc | 24 ++++++++++++++++++------
regress/misc/fuzz-harness/sshsig_fuzz.cc | 4 +++-
3 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/regress/misc/fuzz-harness/Makefile b/regress/misc/fuzz-harness/Makefile
index e164e886..f02d6858 100644
--- a/regress/misc/fuzz-harness/Makefile
+++ b/regress/misc/fuzz-harness/Makefile
@@ -5,7 +5,7 @@ FUZZ_LIBS=-lFuzzer
CXXFLAGS=-O2 -g -Wall -Wextra -I ../../.. $(FUZZ_FLAGS)
LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS)
-LIBS=-lssh -lopenbsd-compat -lcrypto $(FUZZ_LIBS)
+LIBS=-lssh -lopenbsd-compat -lcrypto -lfido2 -lcbor $(FUZZ_LIBS)
TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz \
sshsigopt_fuzz privkey_fuzz
diff --git a/regress/misc/fuzz-harness/sig_fuzz.cc b/regress/misc/fuzz-harness/sig_fuzz.cc
index dd1fda09..b32502ba 100644
--- a/regress/misc/fuzz-harness/sig_fuzz.cc
+++ b/regress/misc/fuzz-harness/sig_fuzz.cc
@@ -31,19 +31,31 @@ int LLVMFuzzerTestOneInput(const uint8_t* sig, size_t slen)
static struct sshkey *ecdsa384 = generate_or_die(KEY_ECDSA, 384);
static struct sshkey *ecdsa521 = generate_or_die(KEY_ECDSA, 521);
#endif
+ struct sshkey_sig_details *details = NULL;
static struct sshkey *ed25519 = generate_or_die(KEY_ED25519, 0);
static const char *data = "If everyone started announcing his nose had "
"run away, I don’t know how it would all end";
static const size_t dlen = strlen(data);
#ifdef WITH_OPENSSL
- sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, NULL, 0);
- sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, NULL, 0);
- sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, NULL, 0);
- sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, NULL, 0);
- sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, NULL, 0);
+ sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
+ details = NULL;
+ sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
+ details = NULL;
+ sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
+ details = NULL;
+ sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
+ details = NULL;
+ sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
+ details = NULL;
#endif
- sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, NULL, 0);
+ sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, NULL, 0, &details);
+ sshkey_sig_details_free(details);
return 0;
}
diff --git a/regress/misc/fuzz-harness/sshsig_fuzz.cc b/regress/misc/fuzz-harness/sshsig_fuzz.cc
index fe09ccb8..02211a09 100644
--- a/regress/misc/fuzz-harness/sshsig_fuzz.cc
+++ b/regress/misc/fuzz-harness/sshsig_fuzz.cc
@@ -22,10 +22,12 @@ int LLVMFuzzerTestOneInput(const uint8_t* sig, size_t slen)
struct sshbuf *signature = sshbuf_from(sig, slen);
struct sshbuf *message = sshbuf_from(data, strlen(data));
struct sshkey *k = NULL;
+ struct sshkey_sig_details *details = NULL;
extern char *__progname;
log_init(__progname, SYSLOG_LEVEL_QUIET, SYSLOG_FACILITY_USER, 1);
- sshsig_verifyb(signature, message, "castle", &k);
+ sshsig_verifyb(signature, message, "castle", &k, &details);
+ sshkey_sig_details_free(details);
sshkey_free(k);
sshbuf_free(signature);
sshbuf_free(message);
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list