diff options
author | Arjun <pkillarjun@protonmail.com> | 2024-05-09 21:13:03 +0530 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2024-05-28 16:13:29 -0400 |
commit | c3dccd348e3c557cbc34b3be0cbc13aff1bfa144 (patch) | |
tree | d7d69c8cb27860ad01406ebf352d57cb9a458aa6 /src/tests/fuzzing/fuzz_krad.c | |
parent | 4b21b2e2821d3cb91042be09e0ebe09707a57d72 (diff) | |
download | krb5-c3dccd348e3c557cbc34b3be0cbc13aff1bfa144.zip krb5-c3dccd348e3c557cbc34b3be0cbc13aff1bfa144.tar.gz krb5-c3dccd348e3c557cbc34b3be0cbc13aff1bfa144.tar.bz2 |
Add OSS-Fuzz targets and corpora
[ghudson@mit.edu: style adjustments]
bigredbutton: whitespace
Diffstat (limited to 'src/tests/fuzzing/fuzz_krad.c')
-rw-r--r-- | src/tests/fuzzing/fuzz_krad.c | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/src/tests/fuzzing/fuzz_krad.c b/src/tests/fuzzing/fuzz_krad.c new file mode 100644 index 0000000..dbafbf1 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krad.c @@ -0,0 +1,93 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_krad.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for krad_packet_decode_response, + * krad_packet_decode_request. + */ + +#include "autoconf.h" +#include <k5-int.h> +#include <krad.h> + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +static krad_packet *packets[3]; + +static const krad_packet * +iterator(void *data, krb5_boolean cancel) +{ + krad_packet *tmp; + int *i = data; + + if (cancel || packets[*i] == NULL) + return NULL; + + tmp = packets[*i]; + *i += 1; + return tmp; +} + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + int i; + krb5_context ctx; + krb5_data data_in; + const char *secret = "f"; + const krad_packet *req_1 = NULL, *req_2 = NULL; + krad_packet *rsp_1 = NULL, *rsp_2 = NULL; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + if (krb5_init_context(&ctx) != 0) + return 0; + + data_in = make_data((void *)data, size); + + i = 0; + krad_packet_decode_response(ctx, secret, &data_in, iterator, &i, + &req_1, &rsp_1); + + i = 0; + krad_packet_decode_request(ctx, secret, &data_in, iterator, &i, + &req_2, &rsp_2); + + krad_packet_free(rsp_1); + krad_packet_free(rsp_2); + krb5_free_context(ctx); + + return 0; +} |