lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Merge pull request #10205 from bjwtaylor/move-fuzz-progs-2

Browse Source 
Tidy Up Dependencies and Paths
This commit is contained in:
Gilles Peskine
2025-07-25 13:21:09 +00:00
committed by GitHub
parent a4bd67f3e7 02c76ebb21
commit 3bb528d47d
14 changed files with 21 additions and 223 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
programs/fuzz/CMakeLists.txt
View File

@@ -31,18 +31,19 @@ foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
$<TARGET_OBJECTS:mbedtls_test_helpers>
$<TARGET_OBJECTS:mbedtls_test>)
if(NOT FUZZINGENGINE_LIB)
list(APPEND exe_sources onefile.c)
list(APPEND exe_sources ${MBEDTLS_DIR}/tf-psa-crypto/programs/fuzz/fuzz_onefile.c)
endif()
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_with_common_c ${exe} exe_index)
if(${exe_index} GREATER -1)
list(APPEND exe_sources common.c)
list(APPEND exe_sources ${MBEDTLS_DIR}/tf-psa-crypto/programs/fuzz/fuzz_common.c)
endif()
add_executable(${exe} ${exe_sources})
set_base_compile_options(${exe})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include
${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/programs/fuzz/
${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
if (NOT FUZZINGENGINE_LIB)

16
programs/fuzz/Makefile
View File

@@ -3,7 +3,7 @@ MBEDTLS_TEST_PATH:=../../tests
MBEDTLS_PATH := ../..
include ../../scripts/common.make
PROGRAM_FUZZ_PATH:=$(MBEDTLS_PATH)/programs/fuzz
PROGRAM_FUZZ_PATH:=$(MBEDTLS_PATH)/tf-psa-crypto/programs/fuzz
DEP=${MBEDLIBS}
@@ -15,6 +15,8 @@ LOCAL_CFLAGS += -I$(PROGRAM_FUZZ_PATH)
# A test application is built for each fuzz_*.c file.
APPS = $(basename $(wildcard fuzz_*.c))
APPS += $(basename $(PROGRAM_FUZZ_PATH)/fuzz_privkey.c)
APPS += $(basename $(PROGRAM_FUZZ_PATH)/fuzz_pubkey.c)
# Construct executable name by adding OS specific suffix $(EXEXT).
BINARIES := $(addsuffix $(EXEXT),$(APPS))
@@ -32,13 +34,13 @@ C_FILES := $(addsuffix .c,$(APPS))
ifdef FUZZINGENGINE
$(BINARIES): %$(EXEXT): %.o $(PROGRAM_FUZZ_PATH)/common.o $(DEP)
echo " $(PROGRAM_FUZZ_PATH)/common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
$(CXX) $(PROGRAM_FUZZ_PATH)/common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
$(BINARIES): %$(EXEXT): %.o $(PROGRAM_FUZZ_PATH)/fuzz_common.o $(DEP)
echo " $(CC) $(PROGRAM_FUZZ_PATH)/fuzz_common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
$(CXX) $(PROGRAM_FUZZ_PATH)/fuzz_common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
else
$(BINARIES): %$(EXEXT): %.o $(PROGRAM_FUZZ_PATH)/common.o $(PROGRAM_FUZZ_PATH)/onefile.o $(DEP)
echo " $(CC) $(PROGRAM_FUZZ_PATH)/common.o $(PROGRAM_FUZZ_PATH)/onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
$(CC) $(PROGRAM_FUZZ_PATH)/common.o $(PROGRAM_FUZZ_PATH)/onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
$(BINARIES): %$(EXEXT): %.o $(PROGRAM_FUZZ_PATH)/fuzz_common.o $(PROGRAM_FUZZ_PATH)/fuzz_onefile.o $(DEP)
echo " $(CC) $(PROGRAM_FUZZ_PATH)/fuzz_common.o $(PROGRAM_FUZZ_PATH)/fuzz_onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
$(CC) $(PROGRAM_FUZZ_PATH)/fuzz_common.o $(PROGRAM_FUZZ_PATH)/fuzz_onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
endif
clean:

107
programs/fuzz/common.c
View File

@@ -1,107 +0,0 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
#include "common.h"
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "mbedtls/ctr_drbg.h"
#if defined(MBEDTLS_PLATFORM_TIME_ALT)
mbedtls_time_t dummy_constant_time(mbedtls_time_t *time)
{
(void) time;
return 0x5af2a056;
}
#endif
void dummy_init(void)
{
#if defined(MBEDTLS_PLATFORM_TIME_ALT)
mbedtls_platform_set_time(dummy_constant_time);
#else
fprintf(stderr, "Warning: fuzzing without constant time\n");
#endif
}
int dummy_send(void *ctx, const unsigned char *buf, size_t len)
{
//silence warning about unused parameter
(void) ctx;
(void) buf;
//pretends we wrote everything ok
if (len > INT_MAX) {
return -1;
}
return (int) len;
}
int fuzz_recv(void *ctx, unsigned char *buf, size_t len)
{
//reads from the buffer from fuzzer
fuzzBufferOffset_t *biomemfuzz = (fuzzBufferOffset_t *) ctx;
if (biomemfuzz->Offset == biomemfuzz->Size) {
//EOF
return 0;
}
if (len > INT_MAX) {
return -1;
}
if (len + biomemfuzz->Offset > biomemfuzz->Size) {
//do not overflow
len = biomemfuzz->Size - biomemfuzz->Offset;
}
memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
biomemfuzz->Offset += len;
return (int) len;
}
int dummy_random(void *p_rng, unsigned char *output, size_t output_len)
{
int ret;
size_t i;
#if defined(MBEDTLS_CTR_DRBG_C)
//mbedtls_ctr_drbg_random requires a valid mbedtls_ctr_drbg_context in p_rng
if (p_rng != NULL) {
//use mbedtls_ctr_drbg_random to find bugs in it
ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
} else {
//fall through to pseudo-random
ret = 0;
}
#else
(void) p_rng;
ret = 0;
#endif
for (i = 0; i < output_len; i++) {
//replace result with pseudo random
output[i] = (unsigned char) rand();
}
return ret;
}
int dummy_entropy(void *data, unsigned char *output, size_t len)
{
size_t i;
(void) data;
//use mbedtls_entropy_func to find bugs in it
//test performance impact of entropy
//ret = mbedtls_entropy_func(data, output, len);
for (i = 0; i < len; i++) {
//replace result with pseudo random
output[i] = (unsigned char) rand();
}
return 0;
}
int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout)
{
(void) timeout;
return fuzz_recv(ctx, buf, len);
}

28
programs/fuzz/common.h
View File

@@ -1,28 +0,0 @@
#include "mbedtls/build_info.h"
#if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h"
#endif
#include <stddef.h>
#include <stdint.h>
typedef struct fuzzBufferOffset {
const uint8_t *Data;
size_t Size;
size_t Offset;
} fuzzBufferOffset_t;
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t dummy_constant_time(mbedtls_time_t *time);
#endif
void dummy_init(void);
int dummy_send(void *ctx, const unsigned char *buf, size_t len);
int fuzz_recv(void *ctx, unsigned char *buf, size_t len);
int dummy_random(void *p_rng, unsigned char *output, size_t output_len);
int dummy_entropy(void *data, unsigned char *output, size_t len);
int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout);
/* Implemented in the fuzz_*.c sources and required by onefile.c */
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);

2
programs/fuzz/fuzz_client.c
View File

@@ -4,7 +4,7 @@
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "test/certs.h"
#include "common.h"
#include "fuzz_common.h"
#include <string.h>
#include <stdlib.h>
#include <stdint.h>

2
programs/fuzz/fuzz_dtlsclient.c
View File

@@ -3,7 +3,7 @@
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include "common.h"
#include "fuzz_common.h"
#include "mbedtls/ssl.h"
#if defined(MBEDTLS_SSL_PROTO_DTLS)
#include "mbedtls/entropy.h"

2
programs/fuzz/fuzz_dtlsserver.c
View File

@@ -3,7 +3,7 @@
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include "common.h"
#include "fuzz_common.h"
#include "mbedtls/ssl.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_PROTO_DTLS)

2
programs/fuzz/fuzz_pkcs7.c
View File

@@ -2,7 +2,7 @@
#include <stdint.h>
#include "mbedtls/pkcs7.h"
#include "common.h"
#include "fuzz_common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

2
programs/fuzz/fuzz_server.c
View File

@@ -5,7 +5,7 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/ssl_ticket.h"
#include "test/certs.h"
#include "common.h"
#include "fuzz_common.h"
#include <string.h>
#include <stdlib.h>
#include <stdint.h>

2
programs/fuzz/fuzz_x509crl.c
View File

@@ -2,7 +2,7 @@
#include <stdint.h>
#include "mbedtls/x509_crl.h"
#include "common.h"
#include "fuzz_common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

2
programs/fuzz/fuzz_x509crt.c
View File

@@ -2,7 +2,7 @@
#include <stdint.h>
#include "mbedtls/x509_crt.h"
#include "common.h"
#include "fuzz_common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

2
programs/fuzz/fuzz_x509csr.c
View File

@@ -2,7 +2,7 @@
#include <stdint.h>
#include "mbedtls/x509_csr.h"
#include "common.h"
#include "fuzz_common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

70
programs/fuzz/onefile.c
View File

@@ -1,70 +0,0 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#include "common.h"
/* This file doesn't use any Mbed TLS function, but grab mbedtls_config.h anyway
* in case it contains platform-specific #defines related to malloc or
* stdio functions. */
#include "mbedtls/build_info.h"
int main(int argc, char **argv)
{
FILE *fp;
uint8_t *Data;
size_t Size;
const char *argv0 = argv[0] == NULL ? "PROGRAM_NAME" : argv[0];
if (argc != 2) {
fprintf(stderr, "Usage: %s REPRODUCER_FILE\n", argv0);
return 1;
}
//opens the file, get its size, and reads it into a buffer
fp = fopen(argv[1], "rb");
if (fp == NULL) {
fprintf(stderr, "%s: Error in fopen\n", argv0);
perror(argv[1]);
return 2;
}
if (fseek(fp, 0L, SEEK_END) != 0) {
fprintf(stderr, "%s: Error in fseek(SEEK_END)\n", argv0);
perror(argv[1]);
fclose(fp);
return 2;
}
Size = ftell(fp);
if (Size == (size_t) -1) {
fprintf(stderr, "%s: Error in ftell\n", argv0);
perror(argv[1]);
fclose(fp);
return 2;
}
if (fseek(fp, 0L, SEEK_SET) != 0) {
fprintf(stderr, "%s: Error in fseek(0)\n", argv0);
perror(argv[1]);
fclose(fp);
return 2;
}
Data = malloc(Size);
if (Data == NULL) {
fprintf(stderr, "%s: Could not allocate memory\n", argv0);
perror(argv[1]);
fclose(fp);
return 2;
}
if (fread(Data, Size, 1, fp) != 1) {
fprintf(stderr, "%s: Error in fread\n", argv0);
perror(argv[1]);
free(Data);
fclose(fp);
return 2;
}
//launch fuzzer
LLVMFuzzerTestOneInput(Data, Size);
free(Data);
fclose(fp);
return 0;
}

2
tf-psa-crypto

Submodule tf-psa-crypto updated: a0ff5d6483...19edaa785d