Add X509 and CRL fuzzer
authorKurt Roeckx <kurt@roeckx.be>
Sat, 18 Jun 2016 13:56:49 +0000 (15:56 +0200)
committerKurt Roeckx <kurt@roeckx.be>
Sat, 25 Jun 2016 09:01:29 +0000 (11:01 +0200)
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1229

fuzz/build.info
fuzz/crl.c [new file with mode: 0644]
fuzz/x509.c [new file with mode: 0644]

index 762ddf83a5d08c65aff9200646047c66df5ad621..8f41878825ad1d0ede98a865dcd92fc4f5ba99e9 100644 (file)
@@ -7,7 +7,7 @@
         $withargs{fuzzer_lib} : catfile(updir(), $withargs{fuzzer_lib}));
    ""
 -}
-PROGRAMS=asn1 asn1parse bignum bndiv cms conf ct server
+PROGRAMS=asn1 asn1parse bignum bndiv cms conf crl ct server x509
 
 SOURCE[asn1]=asn1.c driver.c
 INCLUDE[asn1]=../include {- $ex_inc -}
@@ -33,6 +33,10 @@ SOURCE[conf]=conf.c driver.c
 INCLUDE[conf]=../include {- $ex_inc -}
 DEPEND[conf]=../libcrypto {- $ex_lib -}
 
+SOURCE[crl]=crl.c driver.c
+INCLUDE[crl]=../include {- $ex_inc -}
+DEPEND[crl]=../libcrypto {- $ex_lib -}
+
 SOURCE[ct]=ct.c driver.c
 INCLUDE[ct]=../include {- $ex_inc -}
 DEPEND[ct]=../libcrypto {- $ex_lib -}
@@ -40,3 +44,7 @@ DEPEND[ct]=../libcrypto {- $ex_lib -}
 SOURCE[server]=server.c driver.c
 INCLUDE[server]=../include {- $ex_inc -}
 DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
+
+SOURCE[x509]=x509.c driver.c
+INCLUDE[x509]=../include {- $ex_inc -}
+DEPEND[x509]=../libcrypto ../libssl {- $ex_lib -}
diff --git a/fuzz/crl.c b/fuzz/crl.c
new file mode 100644 (file)
index 0000000..4dd5b3b
--- /dev/null
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/x509.h>
+#include <openssl/bio.h>
+#include "fuzzer.h"
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+    const unsigned char *p = buf;
+    unsigned char *der = NULL;
+
+    X509_CRL *crl = d2i_X509_CRL(NULL, &p, len);
+    if (crl != NULL) {
+        BIO *bio = BIO_new(BIO_s_null());
+        X509_CRL_print(bio, crl);
+        BIO_free(bio);
+
+        i2d_X509_CRL(crl, &der);
+        OPENSSL_free(der);
+
+        X509_CRL_free(crl);
+    }
+    return 0;
+}
diff --git a/fuzz/x509.c b/fuzz/x509.c
new file mode 100644 (file)
index 0000000..a0fab2f
--- /dev/null
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/x509.h>
+#include <openssl/bio.h>
+#include "fuzzer.h"
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+    const unsigned char *p = buf;
+    unsigned char *der = NULL;
+
+    X509 *x509 = d2i_X509(NULL, &p, len);
+    if (x509 != NULL) {
+        BIO *bio = BIO_new(BIO_s_null());
+        X509_print(bio, x509);
+        BIO_free(bio);
+
+        i2d_X509(x509, &der);
+        OPENSSL_free(der);
+
+        X509_free(x509);
+    }
+    return 0;
+}