From: Mike Aizatsky Date: Wed, 26 Oct 2016 20:56:39 +0000 (-0700) Subject: [fuzzers] do not fail fuzzers with empty input X-Git-Tag: OpenSSL_1_1_1-pre1~3300 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ba7407002d899b614d4728da9004594f947ff3da;p=oweals%2Fopenssl.git [fuzzers] do not fail fuzzers with empty input Reviewed-by: Kurt Roeckx Reviewed-by: Rich Salz GH: #1788 --- diff --git a/fuzz/cms.c b/fuzz/cms.c index f97173add3..94390e7c91 100644 --- a/fuzz/cms.c +++ b/fuzz/cms.c @@ -22,8 +22,12 @@ int FuzzerInitialize(int *argc, char ***argv) { int FuzzerTestOneInput(const uint8_t *buf, size_t len) { CMS_ContentInfo *i; - BIO *in = BIO_new(BIO_s_mem()); + BIO *in; + if (!len) { + return 0; + } + in = BIO_new(BIO_s_mem()); OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); i = d2i_CMS_bio(in, NULL); CMS_ContentInfo_free(i); diff --git a/fuzz/server.c b/fuzz/server.c index 0076306db9..35449d8caa 100644 --- a/fuzz/server.c +++ b/fuzz/server.c @@ -217,6 +217,12 @@ int FuzzerInitialize(int *argc, char ***argv) { } int FuzzerTestOneInput(const uint8_t *buf, size_t len) { + SSL *server; + BIO *in; + BIO *out; + if (!len) { + return 0; + } /* TODO: make this work for OpenSSL. There's a PREDICT define that may do * the job. * TODO: use the ossltest engine (optionally?) to disable crypto checks. @@ -224,9 +230,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { */ /* This only fuzzes the initial flow from the client so far. */ - SSL *server = SSL_new(ctx); - BIO *in = BIO_new(BIO_s_mem()); - BIO *out = BIO_new(BIO_s_mem()); + server = SSL_new(ctx); + in = BIO_new(BIO_s_mem()); + out = BIO_new(BIO_s_mem()); SSL_set_bio(server, in, out); SSL_set_accept_state(server); OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);