aboutsummaryrefslogtreecommitdiff
path: root/fuzz
AgeCommit message (Collapse)AuthorFilesLines
2018-09-12Update README.mdBrian 'geeknik' Carpenter1-1/+1
Fixes a minor typo that would cause the linker to complain about not finding -lFuzzer CLA: trivial Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7197)
2018-09-11Update copyright yearMatt Caswell3-3/+3
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7176)
2018-09-07fuzz/driver.c: appease -Wmissing-prototypesPatrick Steuer1-0/+3
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/7138)
2018-08-23Update fuzz corporaKurt Roeckx27437-7611/+19285
Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #7033
2018-08-09Fix no-compMatt Caswell2-4/+4
Commit 8839324 removed some NULL checks from the stack code. This caused a no-comp build to fail in the client and server fuzzers. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6893)
2018-08-01Add OIDs for HMAC SHA512/224 and HMAC SHA512/256.Pauli1-0/+2
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6830)
2018-07-17Enable all protocols and ciphers in the fuzzerKurt Roeckx2-2/+6
The config file can override it. In case of the server, it needs to be set on the ctx or some of the other functions on the ctx might file. Reviewed-by: Rich Salz <rsalz@openssl.org> DH: #6718
2018-06-08New GOST identificatorsDmitry Belyavskiy1-0/+14
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6438)
2018-04-03Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5851)
2018-03-29Faster fuzz test: teach the fuzz test programs to handle directoriesRichard Levitte1-15/+70
Instead of invoking the fuzz test programs once for every corpora file, we invoke them once for each directory of corpora files. This dramatically reduces the number of program invikations, as well as the time 99-test_fuzz.t takes to complete. fuzz/test-corpus.c was enhanced to handle directories as well as regular files. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5776)
2018-03-27Add fuzz corpora file that found the ASN.1 stack depth issueMatt Caswell1-0/+0
Reviewed-by: Rich Salz <rsalz@openssl.org>
2018-03-19Add SM2 signature and ECIES schemesJack Lloyd1-0/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4793)
2018-03-15Missings OIDs for XTS added.Pauli1-0/+4
Added two missing OIDs for AES-{128,256}-XTS. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5622)
2018-03-12Add OIDs for DSTU-4145gmile1-0/+20
Original source: https://github.com/dstucrypt/openssl-dstu/commit/2c5fc4c92b8244c5026f4f871eb9497f9c28d5af Full list of OIDs is available on related enactment page at http://zakon2.rada.gov.ua/laws/show/z0423-17 CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5216)
2018-03-07Add GOST OIDs for Edwards parameter setsSergey Zhuravlev1-0/+3
Add OIDs for parameter sets of Edwards elliptic curves. CLA: trivial Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5380)
2018-02-27Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-13Generate copyright year properlyRich Salz1-0/+5
Output copyright year depends on any input file(s) and the script. This is not perfect, but better than what we had. Also run 'make update' Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5350)
2018-01-24SHA512/224 and SHA512/256Pauli1-0/+2
Support added for these two digests, available only via the EVP interface. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5093)
2017-11-06SM3: restructure to EVP internal and update doc to right locationRonald Tse1-0/+2
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
2017-11-03Conditionalize fuzz tests on feature macrosBenjamin Kaduk1-0/+8
Do not try to fuzz-test structures/routines that are compiled out of the library due to library configuration. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4664)
2017-11-03Update asn1 and x509 corporaKurt Roeckx7760-166/+124
Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4653
2017-11-03ASN1 fuzzer: Use d2i_TYPE / i2d_TYPE functionsKurt Roeckx2-5/+97
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
2017-11-03Don't turn b2 negativeKurt Roeckx1-3/+1
b2 being negative is ignored Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
2017-11-03Update location of the libfuzzer repositoryKurt Roeckx1-1/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
2017-10-31make updateRichard Levitte1-0/+1017
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
2017-10-31Generate a dictionary of OIDs for fuzzersRichard Levitte1-0/+27
It turns out that (some?) fuzzers can read a dictionary of OIDs, so we generate one as part of the usual 'make update'. Fixes #4615 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
2017-10-16Remove unused variable.Ben Laurie1-0/+2
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4367)
2017-09-18Stack sorting safetyPauli2-2/+2
Use the defined typechecking stack method to sort the compression methods stack rather than using the generic function and apply type casts. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4382)
2017-08-16bndiv fuzzer: limit the size of the input to avoid timeoutgbrl1-0/+7
CLA: trivial Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4119)
2017-08-11Move FuzzerSetRand to separate file.Rich Salz6-31/+48
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4141)
2017-07-26Install custom RAND_METHOD for fuzzingRich Salz6-44/+36
Instead of setting a "magic" global variable to force RAND to keep consistent state and always generate the same bytestream, have the fuzzing code install its own RAND_METHOD that does this. For BN_RAND_DEBUG, we just don't do it; that debugging was about mucking with BN's internal representation, not requiring predictable rand bytes. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4025)
2017-07-02Update fuzz corporaKurt Roeckx22495-2943/+7089
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #3829
2017-04-27fuzz/{client,server}.c: omit _time64 "overload method".Andy Polyakov2-16/+12
Approach was opportunistic in Windows context from its inception and on top of that it was proven to be error-prone at link stage. Correct answer is to introduce library-specific time function that we can control in platform-neutral manner. Meanwhile we just let be attempts to override time on Windows. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3320)
2017-04-19Change 64-bit time type for windowsJon Spillett2-2/+2
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3248)
2017-04-16Optionally check for early dataKurt Roeckx1-1/+19
This adds a way to use the last byte of the buffer to change the behavior of the server. The last byte is used so that the existing corpus can be reused either without changing it, or just adding a single byte, and that it can still be used by other projects. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2017-04-16Use a fixed time when fuzzing.Kurt Roeckx2-1/+36
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2017-04-16Document how to update the corpus.Kurt Roeckx1-0/+12
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2017-04-16Make x509 and asn1 fuzzer reproducibleKurt Roeckx2-0/+24
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2017-04-16Switch libfuzzer to use trace-pc-guardKurt Roeckx1-1/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2017-04-10Act on deprecation of LONG and ZLONG, step 1Richard Levitte1-0/+4
Don't compile code that still uses LONG when it's deprecated Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3126)
2017-04-10Publish our INT32, UINT32, INT64, UINT64 ASN.1 types and Z variantsRichard Levitte1-0/+8
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3126)
2017-04-07Make default_method mostly compile-timeRich Salz2-20/+0
Document thread-safety issues Have RSA_null return NULL (always fails) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2244)
2017-03-12Fix out-of-memory condition in confMatt Caswell1-0/+41
conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2894)
2017-02-21Update client, server and x509 fuzz corpusKurt Roeckx6183-6/+3
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2682
2017-01-29Update client and server corpusKurt Roeckx4777-0/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2318
2017-01-09Fix build issues with no-dh, no-dsa and no-ecRichard Levitte2-0/+24
Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2192)
2017-01-06Update fuzz corporaKurt Roeckx8085-237/+216
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
2017-01-06Make client and server fuzzer reproducibleKurt Roeckx2-0/+12
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
2017-01-06Make the bignum fuzzer reproducibleKurt Roeckx1-18/+23
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
2017-01-06Update fuzz documentationKurt Roeckx1-5/+48
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
generated by cgit v1.1 at 2024-07-13 14:34:21 +0000