From: Kurt Roeckx <kurt@roeckx.be>
Date: Sat, 18 Jun 2016 13:56:49 +0000 (+0200)
Subject: Add X509 and CRL fuzzer
X-Git-Tag: OpenSSL_1_1_0-pre6~343
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=e1859d8d54be8abe102eb45f8019b3aa1c3e0700;p=oweals%2Fopenssl.git

Add X509 and CRL fuzzer

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1229
---

diff --git a/fuzz/build.info b/fuzz/build.info
index 762ddf83a5..8f41878825 100644
--- a/fuzz/build.info
+++ b/fuzz/build.info
@@ -7,7 +7,7 @@
         $withargs{fuzzer_lib} : catfile(updir(), $withargs{fuzzer_lib}));
    ""
 -}
-PROGRAMS=asn1 asn1parse bignum bndiv cms conf ct server
+PROGRAMS=asn1 asn1parse bignum bndiv cms conf crl ct server x509
 
 SOURCE[asn1]=asn1.c driver.c
 INCLUDE[asn1]=../include {- $ex_inc -}
@@ -33,6 +33,10 @@ SOURCE[conf]=conf.c driver.c
 INCLUDE[conf]=../include {- $ex_inc -}
 DEPEND[conf]=../libcrypto {- $ex_lib -}
 
+SOURCE[crl]=crl.c driver.c
+INCLUDE[crl]=../include {- $ex_inc -}
+DEPEND[crl]=../libcrypto {- $ex_lib -}
+
 SOURCE[ct]=ct.c driver.c
 INCLUDE[ct]=../include {- $ex_inc -}
 DEPEND[ct]=../libcrypto {- $ex_lib -}
@@ -40,3 +44,7 @@ DEPEND[ct]=../libcrypto {- $ex_lib -}
 SOURCE[server]=server.c driver.c
 INCLUDE[server]=../include {- $ex_inc -}
 DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
+
+SOURCE[x509]=x509.c driver.c
+INCLUDE[x509]=../include {- $ex_inc -}
+DEPEND[x509]=../libcrypto ../libssl {- $ex_lib -}
diff --git a/fuzz/crl.c b/fuzz/crl.c
new file mode 100644
index 0000000000..4dd5b3b155
--- /dev/null
+++ b/fuzz/crl.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/x509.h>
+#include <openssl/bio.h>
+#include "fuzzer.h"
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+    const unsigned char *p = buf;
+    unsigned char *der = NULL;
+
+    X509_CRL *crl = d2i_X509_CRL(NULL, &p, len);
+    if (crl != NULL) {
+        BIO *bio = BIO_new(BIO_s_null());
+        X509_CRL_print(bio, crl);
+        BIO_free(bio);
+
+        i2d_X509_CRL(crl, &der);
+        OPENSSL_free(der);
+
+        X509_CRL_free(crl);
+    }
+    return 0;
+}
diff --git a/fuzz/x509.c b/fuzz/x509.c
new file mode 100644
index 0000000000..a0fab2f600
--- /dev/null
+++ b/fuzz/x509.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/x509.h>
+#include <openssl/bio.h>
+#include "fuzzer.h"
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+    const unsigned char *p = buf;
+    unsigned char *der = NULL;
+
+    X509 *x509 = d2i_X509(NULL, &p, len);
+    if (x509 != NULL) {
+        BIO *bio = BIO_new(BIO_s_null());
+        X509_print(bio, x509);
+        BIO_free(bio);
+
+        i2d_X509(x509, &der);
+        OPENSSL_free(der);
+
+        X509_free(x509);
+    }
+    return 0;
+}