[openssh-commits] [openssh] 17/20: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 589e69fd82724cfc9738f128e4771da2e6405d0d
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sun Jan 18 19:53:58 2015 +0000

    upstream commit
    
    make the signature fuzzing test much more rigorous:
     ensure that the fuzzed input cases do not match the original (using new
     fuzz_matches_original() function) and check that the verification fails in
     each case
---
 regress/unittests/sshkey/test_fuzz.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index a3f61a6..c444c38 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_fuzz.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
+/* 	$OpenBSD: test_fuzz.c,v 1.2 2015/01/18 19:53:58 djm Exp $ */
 /*
  * Fuzz tests for key parsing
  *
@@ -87,8 +87,11 @@ sig_fuzz(struct sshkey *k)
 	free(sig);
 	TEST_ONERROR(onerror, fuzz);
 	for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
-		sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz),
-		    c, sizeof(c), 0);
+		/* Ensure 1-bit difference at least */
+		if (fuzz_matches_original(fuzz))
+			continue;
+		ASSERT_INT_NE(sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz),
+		    c, sizeof(c), 0), 0);
 	}
 	fuzz_cleanup(fuzz);
 }

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.