fuzz: add punycode decoder fuzz test

author Pauli <pauli@openssl.org>

Thu, 3 Nov 2022 21:43:38 +0000 (08:43 +1100)

committer Pauli <pauli@openssl.org>

Thu, 10 Nov 2022 21:14:48 +0000 (08:14 +1100)
author Pauli <pauli@openssl.org>
Thu, 3 Nov 2022 21:43:38 +0000 (08:43 +1100)
committer Pauli <pauli@openssl.org>
Thu, 10 Nov 2022 21:14:48 +0000 (08:14 +1100)
diff --git a/fuzz/build.info b/fuzz/build.info

index 7b26b8c15228f8a7365e00c6892deb7d4aa425bb..7ba41a7a6ebdbf6fca7e570546503d5efeec8b23 100644 (file)
--- a/fuzz/build.info
+++ b/fuzz/build.info
@@ -10,6 +10,7 @@
  
  IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
    PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server x509
+  PROGRAMS{noinst}=punycode
  
    IF[{- !$disabled{"cmp"} -}]
      PROGRAMS{noinst}=cmp
@@ -63,6 +64,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
    INCLUDE[ct]=../include {- $ex_inc -}
    DEPEND[ct]=../libcrypto {- $ex_lib -}
  
+  SOURCE[punycode]=punycode.c driver.c
+  INCLUDE[punycode]=../include {- $ex_inc -}
+  DEPEND[punycode]=../libcrypto.a {- $ex_lib -}
+
    SOURCE[server]=server.c driver.c fuzz_rand.c
    INCLUDE[server]=../include {- $ex_inc -}
    DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
@@ -74,6 +79,7 @@ ENDIF
  
  IF[{- !$disabled{tests} -}]
    PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test x509-test
+  PROGRAMS{noinst}=punycode-test
  
    IF[{- !$disabled{"cmp"} -}]
      PROGRAMS{noinst}=cmp-test
@@ -128,6 +134,10 @@ IF[{- !$disabled{tests} -}]
    INCLUDE[ct-test]=../include
    DEPEND[ct-test]=../libcrypto
  
+  SOURCE[punycode-test]=punycode.c test-corpus.c
+  INCLUDE[punycode-test]=../include
+  DEPEND[punycode-test]=../libcrypto.a
+
    SOURCE[server-test]=server.c test-corpus.c fuzz_rand.c
    INCLUDE[server-test]=../include
    DEPEND[server-test]=../libcrypto ../libssl
diff --git a/fuzz/corpora/punycode/0000000000000000000000000000000000000000 b/fuzz/corpora/punycode/0000000000000000000000000000000000000000

new file mode 100644 (file)

index 0000000..36f7661

Binary files /dev/null and b/fuzz/corpora/punycode/0000000000000000000000000000000000000000 differ
diff --git a/fuzz/corpora/punycode/0000000000000000000000000000000000000001 b/fuzz/corpora/punycode/0000000000000000000000000000000000000001

new file mode 100644 (file)

index 0000000..33abaeb

Binary files /dev/null and b/fuzz/corpora/punycode/0000000000000000000000000000000000000001 differ
diff --git a/fuzz/fuzzer.h b/fuzz/fuzzer.h

index cd460dea8d94445f6076a157fb367de27564ad88..4d8b7b9a517961f1efa1f7a42ae5410fa4af7254 100644 (file)
--- a/fuzz/fuzzer.h
+++ b/fuzz/fuzzer.h
@@ -8,6 +8,9 @@
   * or in the file LICENSE in the source distribution.
   */
  
+#include <stdint.h>     /* for uint8_t */
+#include <stddef.h>     /* for size_t */
+
  int FuzzerTestOneInput(const uint8_t *buf, size_t len);
  int FuzzerInitialize(int *argc, char ***argv);
  void FuzzerCleanup(void);
diff --git a/fuzz/punycode.c b/fuzz/punycode.c

new file mode 100644 (file)

index 0000000..76ae3de
--- /dev/null
+++ b/fuzz/punycode.c
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "crypto/punycode.h"
+#include "internal/nelem.h"
+#include <openssl/crypto.h>
+#include "fuzzer.h"
+
+#include <stdio.h>
+#include <string.h>
+
+int FuzzerInitialize(int *argc, char ***argv)
+{
+    return 1;
+}
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len)
+{
+    char *b;
+    unsigned int out[16], outlen = OSSL_NELEM(out);
+    char outc[16];
+
+    b = OPENSSL_malloc(len + 1);
+    if (b != NULL) {
+        ossl_punycode_decode((const char *)buf, len, out, &outlen);
+        memcpy(b, buf, len);
+        b[len] = '\0';
+        ossl_a2ulabel(b, outc, sizeof(outc));
+        OPENSSL_free(b);
+    }
+    return 0;
+}
+
+void FuzzerCleanup(void)
+{
+}
diff --git a/include/crypto/punycode.h b/include/crypto/punycode.h

index 1cc52c544adcb423e05af525d2ac125db0305959..e448dadbbd8049891df7ae544229dc1909605c44 100644 (file)
--- a/include/crypto/punycode.h
+++ b/include/crypto/punycode.h
@@ -11,6 +11,8 @@
  # define OSSL_CRYPTO_PUNYCODE_H
  # pragma once
  
+# include <stddef.h>     /* for size_t */
+
  int ossl_punycode_decode (
      const char *pEncoded,
      const size_t enc_len,
author	Pauli <pauli@openssl.org>
	Thu, 3 Nov 2022 21:43:38 +0000 (08:43 +1100)
committer	Pauli <pauli@openssl.org>
	Thu, 10 Nov 2022 21:14:48 +0000 (08:14 +1100)
fuzz/build.info		patch \| blob \| blame \| history
fuzz/corpora/punycode/0000000000000000000000000000000000000000	[new file with mode: 0644]	patch \| blob
fuzz/corpora/punycode/0000000000000000000000000000000000000001	[new file with mode: 0644]	patch \| blob
fuzz/fuzzer.h		patch \| blob \| blame \| history
fuzz/punycode.c	[new file with mode: 0644]	patch \| blob
include/crypto/punycode.h		patch \| blob \| blame \| history