diff options
author | 2016-12-15 15:01:36 -0500 | |
---|---|---|
committer | 2016-12-15 12:01:36 -0800 | |
commit | f4121e3f614a37f562eb1d15a0b201ae9f103470 (patch) | |
tree | ef573046ceb2dfaf329ac88cfa28ad43d013d94a /projects/gnutls | |
parent | 12a616fc2df044f28605fc5a4ef49bce2bccbdc6 (diff) |
Move the gnutls fuzzers to their own repo. (#188)
Also add two new ones.
Diffstat (limited to 'projects/gnutls')
-rw-r--r-- | projects/gnutls/Dockerfile | 15 | ||||
-rwxr-xr-x | projects/gnutls/build.sh | 14 | ||||
-rw-r--r-- | projects/gnutls/gnutls_client_fuzzer.cc | 73 | ||||
-rw-r--r-- | projects/gnutls/gnutls_x509_parser_fuzzer.cc | 47 |
4 files changed, 21 insertions, 128 deletions
diff --git a/projects/gnutls/Dockerfile b/projects/gnutls/Dockerfile index 6b0e9ae8..013889b9 100644 --- a/projects/gnutls/Dockerfile +++ b/projects/gnutls/Dockerfile @@ -32,11 +32,24 @@ RUN cd client-testcases/ && curl https://boringssl.googlesource.com/boringssl/+a RUN cp openssl/fuzz/corpora/client/* client-testcases/ RUN zip gnutls_client_fuzzer_seed_corpus.zip client-testcases/* +# Applies to servers as well +RUN mkdir server-testcases +RUN cd server-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/server_corpus.tar.gz | tar -zx +RUN cd server-testcases/ && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/server_corpus_no_fuzzer_mode.tar.gz | tar -zx +RUN cp openssl/fuzz/corpora/server/* server-testcases/ +RUN zip gnutls_server_fuzzer_seed_corpus.zip server-testcases/* + # Same thing for X.509 RUN mkdir x509-testcases RUN cd x509-testcases/ && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/cert_corpus.tar.gz | tar -zx RUN cp openssl/fuzz/corpora/x509/* x509-testcases/ RUN zip gnutls_x509_parser_fuzzer_seed_corpus.zip x509-testcases/* +# And private keys +RUN mkdir private-key-testcases +RUN cd private-key-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/privkey_corpus.tar.gz | tar -zx +RUN cd private-key-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/pkcs8_corpus.tar.gz | tar -zx +RUN zip gnutls_private_key_parser_fuzzer_seed_corpus.zip private-key-testcases/* + WORKDIR gnutls -COPY build.sh gnutls_client_fuzzer.cc gnutls_x509_parser_fuzzer.cc $SRC/ +COPY build.sh $SRC/ diff --git a/projects/gnutls/build.sh b/projects/gnutls/build.sh index 83e44b68..52c77de4 100755 --- a/projects/gnutls/build.sh +++ b/projects/gnutls/build.sh @@ -19,16 +19,16 @@ make bootstrap ./configure --enable-gcc-warnings --enable-static --with-included-libtasn1 --with-included-unistring --without-p11-kit --disable-doc make "-j$(nproc)" -fuzzers=" -client -x509_parser -" +fuzzers=$(find devel/fuzz/ -name "*_fuzzer.cc") -for fuzzer in $fuzzers; do +for f in $fuzzers; do + fuzzer=$(basename "$f" ".cc") $CXX $CXXFLAGS -std=c++11 -Ilib/includes \ - "$SRC/gnutls_${fuzzer}_fuzzer.cc" -o "$OUT/gnutls_${fuzzer}_fuzzer" \ + "devel/fuzz/${fuzzer}.cc" -o "$OUT/${fuzzer}" \ lib/.libs/libgnutls.a -lFuzzingEngine -lpthread -Wl,-Bstatic \ -lhogweed -lnettle -lgmp -Wl,-Bdynamic - cp "$SRC/gnutls_${fuzzer}_fuzzer_seed_corpus.zip" "$OUT/" + if [ -f "$SRC/${fuzzer}_seed_corpus.zip" ]; then + cp "$SRC/${fuzzer}_seed_corpus.zip" "$OUT/" + fi done diff --git a/projects/gnutls/gnutls_client_fuzzer.cc b/projects/gnutls/gnutls_client_fuzzer.cc deleted file mode 100644 index b155ca5e..00000000 --- a/projects/gnutls/gnutls_client_fuzzer.cc +++ /dev/null @@ -1,73 +0,0 @@ -/* -# Copyright 2016 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ -*/ - -#include <assert.h> -#include <fcntl.h> -#include <stdint.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <unistd.h> - -#include <gnutls/gnutls.h> - - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - int res; - gnutls_session_t session; - gnutls_certificate_credentials_t xcred; - - int socket_fds[2]; - res = socketpair(AF_UNIX, SOCK_STREAM, 0, socket_fds); - assert(res >= 0); - ssize_t send_res = send(socket_fds[1], data, size, 0); - assert(send_res == size); - res = shutdown(socket_fds[1], SHUT_WR); - assert(res == 0); - - res = gnutls_init(&session, GNUTLS_CLIENT); - assert(res >= 0); - - res = gnutls_certificate_allocate_credentials(&xcred); - assert(res >= 0); - res = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); - assert(res >= 0); - - res = gnutls_set_default_priority(session); - assert(res >= 0); - - gnutls_transport_set_int(session, socket_fds[0]); - - do { - res = gnutls_handshake(session); - } while (res < 0 && gnutls_error_is_fatal(res) == 0); - if (res >= 0) { - while (true) { - char buf[16384]; - res = gnutls_record_recv(session, buf, sizeof(buf)); - if (res <= 0) { - break; - } - } - } - - close(socket_fds[0]); - close(socket_fds[1]); - gnutls_deinit(session); - gnutls_certificate_free_credentials(xcred); - return 0; -} diff --git a/projects/gnutls/gnutls_x509_parser_fuzzer.cc b/projects/gnutls/gnutls_x509_parser_fuzzer.cc deleted file mode 100644 index 28dc3397..00000000 --- a/projects/gnutls/gnutls_x509_parser_fuzzer.cc +++ /dev/null @@ -1,47 +0,0 @@ -/* -# Copyright 2016 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ -*/ - -#include <assert.h> -#include <stdint.h> - -#include <gnutls/gnutls.h> -#include <gnutls/x509.h> - - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - gnutls_datum_t raw; - gnutls_datum_t out; - gnutls_x509_crt_t crt; - int ret; - - raw.data = (unsigned char *)data; - raw.size = size; - - ret = gnutls_x509_crt_init(&crt); - assert(ret >= 0); - - ret = gnutls_x509_crt_import(crt, &raw, GNUTLS_X509_FMT_DER); - if (ret >= 0) { - ret = gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_FULL, &out); - assert(ret >= 0); - gnutls_free(out.data); - } - - gnutls_x509_crt_deinit(crt); - return 0; -} |