Add DTLS fuzzers.
Bug: 124
Change-Id: Iff02be9df2806572e6d3f860b448f598f85778c3
Reviewed-on: https://boringssl-review.googlesource.com/20107
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt
index 556514f..5eff3d9 100644
--- a/fuzz/CMakeLists.txt
+++ b/fuzz/CMakeLists.txt
@@ -59,6 +59,26 @@
target_link_libraries(client ssl)
add_executable(
+ dtls_server
+
+ dtls_server.cc
+)
+
+target_link_libraries(dtls_server Fuzzer)
+target_link_libraries(dtls_server crypto)
+target_link_libraries(dtls_server ssl)
+
+add_executable(
+ dtls_client
+
+ dtls_client.cc
+)
+
+target_link_libraries(dtls_client Fuzzer)
+target_link_libraries(dtls_client crypto)
+target_link_libraries(dtls_client ssl)
+
+add_executable(
read_pem
read_pem.cc
diff --git a/fuzz/client.cc b/fuzz/client.cc
index 5f930b6..ad15486 100644
--- a/fuzz/client.cc
+++ b/fuzz/client.cc
@@ -15,7 +15,7 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kClient);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kClient);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
diff --git a/fuzz/dtls_client.cc b/fuzz/dtls_client.cc
new file mode 100644
index 0000000..5fb6b3b
--- /dev/null
+++ b/fuzz/dtls_client.cc
@@ -0,0 +1,22 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "../ssl/test/fuzzer.h"
+
+
+static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kClient);
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+ return g_fuzzer.TestOneInput(buf, len);
+}
diff --git a/fuzz/dtls_server.cc b/fuzz/dtls_server.cc
new file mode 100644
index 0000000..5a27915
--- /dev/null
+++ b/fuzz/dtls_server.cc
@@ -0,0 +1,22 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "../ssl/test/fuzzer.h"
+
+
+static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kServer);
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+ return g_fuzzer.TestOneInput(buf, len);
+}
diff --git a/fuzz/refresh_ssl_corpora.sh b/fuzz/refresh_ssl_corpora.sh
index bded442..6db5562 100755
--- a/fuzz/refresh_ssl_corpora.sh
+++ b/fuzz/refresh_ssl_corpora.sh
@@ -60,6 +60,8 @@
assert_directory client_corpus_no_fuzzer_mode
assert_directory server_corpus
assert_directory server_corpus_no_fuzzer_mode
+assert_directory dtls_client_corpus
+assert_directory dtls_server_corpus
# Gather new transcripts. Ignore errors in running the tests.
@@ -102,6 +104,8 @@
minimize_corpus "$fuzzer_mode_build_dir/fuzz/server" server_corpus
minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/client" client_corpus_no_fuzzer_mode
minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/server" server_corpus_no_fuzzer_mode
+minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_client" dtls_client_corpus
+minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_server" dtls_server_corpus
# Incorporate the new transcripts.
@@ -110,3 +114,5 @@
"$fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus "${fuzzer_mode_transcripts}/tls/server"
"$no_fuzzer_mode_build_dir/fuzz/client" -max_len=50000 -merge=1 client_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/client"
"$no_fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/server"
+"$fuzzer_mode_build_dir/fuzz/dtls_client" -max_len=50000 -merge=1 dtls_client_corpus "${fuzzer_mode_transcripts}/dtls/client"
+"$fuzzer_mode_build_dir/fuzz/dtls_server" -max_len=50000 -merge=1 dtls_server_corpus "${fuzzer_mode_transcripts}/dtls/server"
diff --git a/fuzz/server.cc b/fuzz/server.cc
index 1d5c7b9..9f8cee2 100644
--- a/fuzz/server.cc
+++ b/fuzz/server.cc
@@ -15,7 +15,7 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kServer);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kServer);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
