From: Kurt Roeckx <kurt@roeckx.be>
Date: Sun, 19 Feb 2017 16:04:11 +0000 (+0100)
Subject: Make x509 and asn1 fuzzer reproducible
X-Git-Tag: OpenSSL_1_1_1-pre1~1753
X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fopenssl.git;a=commitdiff_plain;h=b534df96c99b7f6103188005a688944645e2ec7b

Make x509 and asn1 fuzzer reproducible

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
---

diff --git a/fuzz/asn1.c b/fuzz/asn1.c
index 0c6131580c..c45fd79328 100644
--- a/fuzz/asn1.c
+++ b/fuzz/asn1.c
@@ -28,8 +28,14 @@
 #include <openssl/x509v3.h>
 #include <openssl/cms.h>
 #include <openssl/err.h>
+#include <openssl/rand.h>
 #include "fuzzer.h"
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+extern int rand_predictable;
+#endif
+#define ENTROPY_NEEDED 32
+
 static ASN1_ITEM_EXP *item_type[] = {
     ASN1_ITEM_ref(ACCESS_DESCRIPTION),
 #ifndef OPENSSL_NO_RFC3779
@@ -210,6 +216,12 @@ int FuzzerInitialize(int *argc, char ***argv)
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
     ERR_get_state();
     CRYPTO_free_ex_index(0, -1);
+    RAND_add("", 1, ENTROPY_NEEDED);
+    RAND_status();
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    rand_predictable = 1;
+#endif
 
     return 1;
 }
diff --git a/fuzz/x509.c b/fuzz/x509.c
index 8d383e4aba..83b00f653f 100644
--- a/fuzz/x509.c
+++ b/fuzz/x509.c
@@ -11,13 +11,25 @@
 #include <openssl/x509.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
+#include <openssl/rand.h>
 #include "fuzzer.h"
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+extern int rand_predictable;
+#endif
+#define ENTROPY_NEEDED 32
+
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
     ERR_get_state();
     CRYPTO_free_ex_index(0, -1);
+    RAND_add("", 1, ENTROPY_NEEDED);
+    RAND_status();
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    rand_predictable = 1;
+#endif
     return 1;
 }