author | Adam Langley <agl@google.com> | 2015-11-09 13:57:26 -0800 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-11-10 19:14:01 +0000 |
commit | 9a4beb8ad8cc45a40bf420b1bdf90aea321a61f9 (patch) | |
tree | 13c134053667c323515588fe0a1b1ee4890b1ef0 /fuzz/client.cc | |
parent | 4ab254017ccda4bc6d94846e1c748ac0f20c0df3 (diff) | |
Add four, basic fuzz tests.
This change adds fuzzing tests for:
∙ Certificate parsing
∙ Private key parsing
∙ ClientHello parsing
∙ Server first flow (ServerHello, Certificate, etc) parsing.
Change-Id: I5f53282263eaaff69b1a03c819cca73750433653
Reviewed-on: https://boringssl-review.googlesource.com/6460
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'fuzz/client.cc')
-rw-r--r-- | fuzz/client.cc | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/fuzz/client.cc b/fuzz/client.cc
new file mode 100644
index 0000000..7cf41fc
--- /dev/null
+++ b/fuzz/client.cc
@@ -0,0 +1,30 @@
+#include <assert.h>
+
+#include <openssl/ssl.h>
+
+struct GlobalState {
+ GlobalState() : ctx(SSL_CTX_new(SSLv23_method())) {}
+
+ ~GlobalState() {
+ SSL_CTX_free(ctx);
+ }
+
+ SSL_CTX *const ctx;
+};
+
+static GlobalState g_state;
+
+extern "C" int LLVMFuzzerTestOneInput(uint8_t *buf, size_t len) {
+ // This only fuzzes the initial flow from the server so far.
+ SSL *client = SSL_new(g_state.ctx);
+ BIO *in = BIO_new(BIO_s_mem());
+ BIO *out = BIO_new(BIO_s_mem());
+ SSL_set_bio(client, in, out);
+ SSL_set_connect_state(client);
+
+ BIO_write(in, buf, len);
+ SSL_do_handshake(client);
+ SSL_free(client);
+
+ return 0;
+} |
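Review bot: In `LLVMFuzzerTestOneInput` the results of `SSL_new` and both `BIO_new` calls go straight into `SSL_set_bio` unchecked, and `g_state.ctx` is never tested either, so an allocation failure would crash inside the harness and be reported as a finding in the library under test. A guard before `SSL_set_bio` would keep harness failures separate from real bugs: `if (client == NULL || in == NULL || out == NULL) { SSL_free(client); BIO_free(in); BIO_free(out); return 0; }`. `BIO_write(in, buf, len)` passes a `size_t` where the API takes an `int` length and its return value is ignored; a bound on `len` or a comment stating the assumed maximum input size would make the narrowing explicit. A failed `SSL_do_handshake` presumably leaves entries on the error queue that carry into the next input, so an `ERR_clear_error();` before `return 0;` would keep iterations independent. `<assert.h>` is included but nothing in the file uses it.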