commit 4dfd5af70191b068aebe567b8e29ce108cee85ce
author David Benjamin <davidben@google.com> Fri Jul 19 17:34:37 2019 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Jul 19 23:31:14 2019 +0000
tree 84f8044fac76430e8d8023a9140006f6dbb84947
parent 9f5c419b9fbb0d10943f14829470130701af2f4b

Only bypass the signature verification itself in fuzzer mode.

Keep the setup_ctx logic, which, among other things, checks if the
signature algorithm is valid. This cuts down on some unnecessary
fuzzer-mode suppressions.

Change-Id: I644f75630791c9741a1b372e5f83ae7ff9f01c2f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36766
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

ssl/ssl_privkey.cc

diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index 1ddb1b1..23f8d12 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -236,9 +236,16 @@
                            uint16_t sigalg, EVP_PKEY *pkey,
                            Span<const uint8_t> in) {
   ScopedEVP_MD_CTX ctx;
-  return setup_ctx(ssl, ctx.get(), pkey, sigalg, true /* verify */) &&
-         EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
-                          in.data(), in.size());
+  if (!setup_ctx(ssl, ctx.get(), pkey, sigalg, true /* verify */)) {
+    return false;
+  }
+  bool ok = EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
+                             in.data(), in.size());
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  ok = true;
+  ERR_clear_error();
+#endif
+  return ok;
 }
 
 enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,