From: Tobias Brunner Date: Thu, 23 Nov 2023 17:40:44 +0000 (+0100) Subject: fuzz: Add fuzzing targets for OCSP requests/responses X-Git-Tag: 5.9.13rc1~1^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ebf5afcefa91403b38aeb8de87ed2967b65f631c;p=thirdparty%2Fstrongswan.git fuzz: Add fuzzing targets for OCSP requests/responses --- diff --git a/fuzz/.gitignore b/fuzz/.gitignore index 0927874fb2..99ebd93bc6 100644 --- a/fuzz/.gitignore +++ b/fuzz/.gitignore @@ -1,5 +1,7 @@ fuzz_certs fuzz_crls +fuzz_ocsp_req +fuzz_ocsp_rsp fuzz_ids fuzz_pa_tnc fuzz_pb_tnc diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index e2254c1e8e..c2d5343804 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -25,7 +25,8 @@ pb_tnc_ldflags = \ $(top_builddir)/src/libtncif/.libs/libtncif.a \ $(fuzz_ldflags) -FUZZ_TARGETS=fuzz_certs fuzz_crls fuzz_ids fuzz_pa_tnc fuzz_pb_tnc +FUZZ_TARGETS=fuzz_certs fuzz_crls fuzz_ocsp_req fuzz_ocsp_rsp \ + fuzz_ids fuzz_pa_tnc fuzz_pb_tnc all-local: $(FUZZ_TARGETS) @@ -37,6 +38,12 @@ fuzz_certs: fuzz_certs.c ${libfuzzer} fuzz_crls: fuzz_crls.c ${libfuzzer} $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) +fuzz_ocsp_req: fuzz_ocsp_req.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + +fuzz_ocsp_rsp: fuzz_ocsp_rsp.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + fuzz_ids: fuzz_ids.c ${libfuzzer} $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) diff --git a/fuzz/fuzz_ocsp_req.c b/fuzz/fuzz_ocsp_req.c new file mode 100644 index 0000000000..111ef6365d --- /dev/null +++ b/fuzz/fuzz_ocsp_req.c @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2023 Tobias Brunner + * + * Copyright (C) secunet Security Networks AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + certificate_t *cert; + chunk_t chunk; + + dbg_default_set_level(-1); + library_init(NULL, "fuzz_ocsp_req"); + plugin_loader_add_plugindirs(PLUGINDIR, PLUGINS); + if (!lib->plugins->load(lib->plugins, PLUGINS)) + { + return 1; + } + + chunk = chunk_create((u_char*)buf, len); + cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509_OCSP_REQUEST, + BUILD_BLOB, chunk, BUILD_END); + DESTROY_IF(cert); + + lib->plugins->unload(lib->plugins); + library_deinit(); + return 0; +} diff --git a/fuzz/fuzz_ocsp_rsp.c b/fuzz/fuzz_ocsp_rsp.c new file mode 100644 index 0000000000..6778c53f9d --- /dev/null +++ b/fuzz/fuzz_ocsp_rsp.c @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2023 Tobias Brunner + * + * Copyright (C) secunet Security Networks AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + certificate_t *cert; + chunk_t chunk; + + dbg_default_set_level(-1); + library_init(NULL, "fuzz_ocsp_rsp"); + plugin_loader_add_plugindirs(PLUGINDIR, PLUGINS); + if (!lib->plugins->load(lib->plugins, PLUGINS)) + { + return 1; + } + + chunk = chunk_create((u_char*)buf, len); + cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509_OCSP_RESPONSE, + BUILD_BLOB, chunk, BUILD_END); + DESTROY_IF(cert); + + lib->plugins->unload(lib->plugins); + library_deinit(); + return 0; +}