diff options
Diffstat (limited to 'fuzz/fuzz_mgmt.c')
-rw-r--r-- | fuzz/fuzz_mgmt.c | 257 |
1 files changed, 49 insertions, 208 deletions
diff --git a/fuzz/fuzz_mgmt.c b/fuzz/fuzz_mgmt.c index 741b375..d46daf6 100644 --- a/fuzz/fuzz_mgmt.c +++ b/fuzz/fuzz_mgmt.c | |||
@@ -11,6 +11,8 @@ | |||
11 | #include <string.h> | 11 | #include <string.h> |
12 | 12 | ||
13 | #include "mutator_aux.h" | 13 | #include "mutator_aux.h" |
14 | #include "wiredata_fido2.h" | ||
15 | #include "dummy.h" | ||
14 | #include "fido.h" | 16 | #include "fido.h" |
15 | 17 | ||
16 | #include "../openbsd-compat/openbsd-compat.h" | 18 | #include "../openbsd-compat/openbsd-compat.h" |
@@ -35,207 +37,39 @@ struct param { | |||
35 | int seed; | 37 | int seed; |
36 | }; | 38 | }; |
37 | 39 | ||
38 | /* Example parameters. */ | ||
39 | static const char dummy_pin1[] = "skepp cg0u3;Y.."; | ||
40 | static const char dummy_pin2[] = "bastilha 6rJrfQZI."; | ||
41 | |||
42 | static const uint8_t dummy_reset_wire_data[] = { | 40 | static const uint8_t dummy_reset_wire_data[] = { |
43 | 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x91, | 41 | WIREDATA_CTAP_INIT, |
44 | 0xef, 0xbe, 0x74, 0x39, 0x1a, 0x1c, 0x4a, 0x00, | 42 | WIREDATA_CTAP_CBOR_INFO, |
45 | 0x22, 0x00, 0x01, 0x02, 0x05, 0x02, 0x01, 0x05, | 43 | WIREDATA_CTAP_KEEPALIVE, |
46 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 44 | WIREDATA_CTAP_KEEPALIVE, |
47 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 45 | WIREDATA_CTAP_KEEPALIVE, |
48 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 46 | WIREDATA_CTAP_CBOR_RESET, |
49 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
50 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
51 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, | ||
52 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
53 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
54 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
55 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
56 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
57 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
58 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
59 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, | ||
60 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
61 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
62 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
63 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
64 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
65 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
66 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
67 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, | ||
68 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
69 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
70 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
71 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
72 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
73 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
74 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
75 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, | ||
76 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
77 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
78 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
79 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
80 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
81 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
82 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
83 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, | ||
84 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
85 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
86 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
87 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
88 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
89 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
90 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
91 | 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x01, | ||
92 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
93 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
94 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
95 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
96 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
97 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
98 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
99 | 0x00, 0x22, 0x00, 0x01, 0x90, 0x00, 0x01, 0x00, | ||
100 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
101 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
102 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
103 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
104 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
105 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
106 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
107 | }; | 47 | }; |
108 | 48 | ||
109 | static const uint8_t dummy_info_wire_data[] = { | 49 | static const uint8_t dummy_info_wire_data[] = { |
110 | 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x80, | 50 | WIREDATA_CTAP_INIT, |
111 | 0x43, 0x56, 0x40, 0xb1, 0x4e, 0xd9, 0x2d, 0x00, | 51 | WIREDATA_CTAP_CBOR_INFO, |
112 | 0x22, 0x00, 0x02, 0x02, 0x05, 0x02, 0x01, 0x05, | 52 | WIREDATA_CTAP_CBOR_INFO, |
113 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
114 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
115 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
116 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
117 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
118 | 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0xb9, 0x00, | ||
119 | 0xa9, 0x01, 0x83, 0x66, 0x55, 0x32, 0x46, 0x5f, | ||
120 | 0x56, 0x32, 0x68, 0x46, 0x49, 0x44, 0x4f, 0x5f, | ||
121 | 0x32, 0x5f, 0x30, 0x6c, 0x46, 0x49, 0x44, 0x4f, | ||
122 | 0x5f, 0x32, 0x5f, 0x31, 0x5f, 0x50, 0x52, 0x45, | ||
123 | 0x02, 0x82, 0x6b, 0x63, 0x72, 0x65, 0x64, 0x50, | ||
124 | 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x6b, 0x68, | ||
125 | 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x65, 0x63, 0x72, | ||
126 | 0x00, 0x22, 0x00, 0x02, 0x00, 0x65, 0x74, 0x03, | ||
127 | 0x50, 0x19, 0x56, 0xe5, 0xbd, 0xa3, 0x74, 0x45, | ||
128 | 0xf1, 0xa8, 0x14, 0x35, 0x64, 0x03, 0xfd, 0xbc, | ||
129 | 0x18, 0x04, 0xa5, 0x62, 0x72, 0x6b, 0xf5, 0x62, | ||
130 | 0x75, 0x70, 0xf5, 0x64, 0x70, 0x6c, 0x61, 0x74, | ||
131 | 0xf4, 0x69, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, | ||
132 | 0x50, 0x69, 0x6e, 0xf4, 0x75, 0x63, 0x72, 0x65, | ||
133 | 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4d, | ||
134 | 0x00, 0x22, 0x00, 0x02, 0x01, 0x67, 0x6d, 0x74, | ||
135 | 0x50, 0x72, 0x65, 0x76, 0x69, 0x65, 0x77, 0xf5, | ||
136 | 0x05, 0x19, 0x04, 0xb0, 0x06, 0x81, 0x01, 0x07, | ||
137 | 0x08, 0x08, 0x18, 0x80, 0x0a, 0x82, 0xa2, 0x63, | ||
138 | 0x61, 0x6c, 0x67, 0x26, 0x64, 0x74, 0x79, 0x70, | ||
139 | 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, | ||
140 | 0x2d, 0x6b, 0x65, 0x79, 0xa2, 0x63, 0x61, 0x6c, | ||
141 | 0x67, 0x27, 0x64, 0x74, 0x79, 0x70, 0x65, 0x6a, | ||
142 | 0x00, 0x22, 0x00, 0x02, 0x02, 0x70, 0x75, 0x62, | ||
143 | 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x00, | ||
144 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
145 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
146 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
147 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
148 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
149 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
150 | }; | 53 | }; |
151 | 54 | ||
152 | static const uint8_t dummy_set_pin_wire_data[] = { | 55 | static const uint8_t dummy_set_pin_wire_data[] = { |
153 | 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x59, | 56 | WIREDATA_CTAP_INIT, |
154 | 0x50, 0x8c, 0x27, 0x14, 0x83, 0x43, 0xd5, 0x00, | 57 | WIREDATA_CTAP_CBOR_INFO, |
155 | 0x22, 0x00, 0x03, 0x02, 0x05, 0x02, 0x01, 0x05, | 58 | WIREDATA_CTAP_CBOR_AUTHKEY, |
156 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 59 | WIREDATA_CTAP_CBOR_STATUS, |
157 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
158 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
159 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
160 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
161 | 0x00, 0x22, 0x00, 0x03, 0x90, 0x00, 0x51, 0x00, | ||
162 | 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, | ||
163 | 0x20, 0x01, 0x21, 0x58, 0x20, 0x2a, 0xb8, 0x2d, | ||
164 | 0x36, 0x69, 0xab, 0x30, 0x9d, 0xe3, 0x5e, 0x9b, | ||
165 | 0xfb, 0x94, 0xfc, 0x1d, 0x92, 0x95, 0xaf, 0x01, | ||
166 | 0x47, 0xfe, 0x4b, 0x87, 0xe5, 0xcf, 0x3f, 0x05, | ||
167 | 0x0b, 0x39, 0xda, 0x17, 0x49, 0x22, 0x58, 0x20, | ||
168 | 0x15, 0x1b, 0xbe, 0x08, 0x78, 0x60, 0x4d, 0x3c, | ||
169 | 0x00, 0x22, 0x00, 0x03, 0x00, 0x3f, 0xf1, 0x60, | ||
170 | 0xa6, 0xd8, 0xf8, 0xed, 0xce, 0x4a, 0x30, 0x5d, | ||
171 | 0x1a, 0xaf, 0x80, 0xc4, 0x0a, 0xd2, 0x6f, 0x77, | ||
172 | 0x38, 0x12, 0x97, 0xaa, 0xbd, 0x00, 0x00, 0x00, | ||
173 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
174 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
175 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
176 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
177 | 0x00, 0x22, 0x00, 0x03, 0x90, 0x00, 0x01, 0x00, | ||
178 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
179 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
180 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
181 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
182 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
183 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
184 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
185 | }; | 60 | }; |
186 | 61 | ||
187 | static const uint8_t dummy_change_pin_wire_data[] = { | 62 | static const uint8_t dummy_change_pin_wire_data[] = { |
188 | 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x48, | 63 | WIREDATA_CTAP_INIT, |
189 | 0xfd, 0xf9, 0xde, 0x28, 0x21, 0x99, 0xd5, 0x00, | 64 | WIREDATA_CTAP_CBOR_INFO, |
190 | 0x22, 0x00, 0x04, 0x02, 0x05, 0x02, 0x01, 0x05, | 65 | WIREDATA_CTAP_CBOR_AUTHKEY, |
191 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 66 | WIREDATA_CTAP_CBOR_STATUS, |
192 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
193 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
194 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
195 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
196 | 0x00, 0x22, 0x00, 0x04, 0x90, 0x00, 0x51, 0x00, | ||
197 | 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, | ||
198 | 0x20, 0x01, 0x21, 0x58, 0x20, 0x2a, 0xb8, 0x2d, | ||
199 | 0x36, 0x69, 0xab, 0x30, 0x9d, 0xe3, 0x5e, 0x9b, | ||
200 | 0xfb, 0x94, 0xfc, 0x1d, 0x92, 0x95, 0xaf, 0x01, | ||
201 | 0x47, 0xfe, 0x4b, 0x87, 0xe5, 0xcf, 0x3f, 0x05, | ||
202 | 0x0b, 0x39, 0xda, 0x17, 0x49, 0x22, 0x58, 0x20, | ||
203 | 0x15, 0x1b, 0xbe, 0x08, 0x78, 0x60, 0x4d, 0x3c, | ||
204 | 0x00, 0x22, 0x00, 0x04, 0x00, 0x3f, 0xf1, 0x60, | ||
205 | 0xa6, 0xd8, 0xf8, 0xed, 0xce, 0x4a, 0x30, 0x5d, | ||
206 | 0x1a, 0xaf, 0x80, 0xc4, 0x0a, 0xd2, 0x6f, 0x77, | ||
207 | 0x38, 0x12, 0x97, 0xaa, 0xbd, 0x00, 0x00, 0x00, | ||
208 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
209 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
210 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
211 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
212 | 0x00, 0x22, 0x00, 0x04, 0x90, 0x00, 0x01, 0x00, | ||
213 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
214 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
215 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
216 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
217 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
218 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
219 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
220 | }; | 67 | }; |
221 | 68 | ||
222 | static const uint8_t dummy_retry_wire_data[] = { | 69 | static const uint8_t dummy_retry_wire_data[] = { |
223 | 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x7f, | 70 | WIREDATA_CTAP_INIT, |
224 | 0xaa, 0x73, 0x3e, 0x95, 0x98, 0xa8, 0x60, 0x00, | 71 | WIREDATA_CTAP_CBOR_INFO, |
225 | 0x22, 0x00, 0x05, 0x02, 0x05, 0x02, 0x01, 0x05, | 72 | WIREDATA_CTAP_CBOR_RETRIES, |
226 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
227 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
228 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
229 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
230 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
231 | 0x00, 0x22, 0x00, 0x05, 0x90, 0x00, 0x04, 0x00, | ||
232 | 0xa1, 0x03, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
233 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
234 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
235 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
236 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
237 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
238 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
239 | }; | 73 | }; |
240 | 74 | ||
241 | int LLVMFuzzerTestOneInput(const uint8_t *, size_t); | 75 | int LLVMFuzzerTestOneInput(const uint8_t *, size_t); |
@@ -277,12 +111,20 @@ pack(uint8_t *ptr, size_t len, const struct param *p) | |||
277 | return (max - len); | 111 | return (max - len); |
278 | } | 112 | } |
279 | 113 | ||
114 | static size_t | ||
115 | input_len(int max) | ||
116 | { | ||
117 | return (2 * len_string(max) + 5 * len_blob(max) + len_int()); | ||
118 | } | ||
119 | |||
280 | static fido_dev_t * | 120 | static fido_dev_t * |
281 | prepare_dev() | 121 | prepare_dev() |
282 | { | 122 | { |
283 | fido_dev_t *dev; | 123 | fido_dev_t *dev; |
284 | fido_dev_io_t io; | 124 | fido_dev_io_t io; |
285 | 125 | ||
126 | memset(&io, 0, sizeof(io)); | ||
127 | |||
286 | io.open = dev_open; | 128 | io.open = dev_open; |
287 | io.close = dev_close; | 129 | io.close = dev_close; |
288 | io.read = dev_read; | 130 | io.read = dev_read; |
@@ -304,9 +146,8 @@ dev_reset(struct param *p) | |||
304 | 146 | ||
305 | set_wire_data(p->reset_wire_data.body, p->reset_wire_data.len); | 147 | set_wire_data(p->reset_wire_data.body, p->reset_wire_data.len); |
306 | 148 | ||
307 | if ((dev = prepare_dev()) == NULL) { | 149 | if ((dev = prepare_dev()) == NULL) |
308 | return; | 150 | return; |
309 | } | ||
310 | 151 | ||
311 | fido_dev_reset(dev); | 152 | fido_dev_reset(dev); |
312 | fido_dev_close(dev); | 153 | fido_dev_close(dev); |
@@ -327,9 +168,8 @@ dev_get_cbor_info(struct param *p) | |||
327 | 168 | ||
328 | set_wire_data(p->info_wire_data.body, p->info_wire_data.len); | 169 | set_wire_data(p->info_wire_data.body, p->info_wire_data.len); |
329 | 170 | ||
330 | if ((dev = prepare_dev()) == NULL) { | 171 | if ((dev = prepare_dev()) == NULL) |
331 | return; | 172 | return; |
332 | } | ||
333 | 173 | ||
334 | proto = fido_dev_protocol(dev); | 174 | proto = fido_dev_protocol(dev); |
335 | major = fido_dev_major(dev); | 175 | major = fido_dev_major(dev); |
@@ -343,15 +183,10 @@ dev_get_cbor_info(struct param *p) | |||
343 | consume(&build, sizeof(build)); | 183 | consume(&build, sizeof(build)); |
344 | consume(&flags, sizeof(flags)); | 184 | consume(&flags, sizeof(flags)); |
345 | 185 | ||
346 | if ((ci = fido_cbor_info_new()) == NULL) { | 186 | if ((ci = fido_cbor_info_new()) == NULL) |
347 | fido_dev_close(dev); | 187 | goto out; |
348 | fido_dev_free(&dev); | ||
349 | return; | ||
350 | } | ||
351 | 188 | ||
352 | fido_dev_get_cbor_info(dev, ci); | 189 | fido_dev_get_cbor_info(dev, ci); |
353 | fido_dev_close(dev); | ||
354 | fido_dev_free(&dev); | ||
355 | 190 | ||
356 | for (size_t i = 0; i < fido_cbor_info_versions_len(ci); i++) { | 191 | for (size_t i = 0; i < fido_cbor_info_versions_len(ci); i++) { |
357 | char * const *sa = fido_cbor_info_versions_ptr(ci); | 192 | char * const *sa = fido_cbor_info_versions_ptr(ci); |
@@ -372,10 +207,17 @@ dev_get_cbor_info(struct param *p) | |||
372 | n = fido_cbor_info_maxmsgsiz(ci); | 207 | n = fido_cbor_info_maxmsgsiz(ci); |
373 | consume(&n, sizeof(n)); | 208 | consume(&n, sizeof(n)); |
374 | 209 | ||
210 | n = fido_cbor_info_fwversion(ci); | ||
211 | consume(&n, sizeof(n)); | ||
212 | |||
375 | consume(fido_cbor_info_aaguid_ptr(ci), fido_cbor_info_aaguid_len(ci)); | 213 | consume(fido_cbor_info_aaguid_ptr(ci), fido_cbor_info_aaguid_len(ci)); |
376 | consume(fido_cbor_info_protocols_ptr(ci), | 214 | consume(fido_cbor_info_protocols_ptr(ci), |
377 | fido_cbor_info_protocols_len(ci)); | 215 | fido_cbor_info_protocols_len(ci)); |
378 | 216 | ||
217 | out: | ||
218 | fido_dev_close(dev); | ||
219 | fido_dev_free(&dev); | ||
220 | |||
379 | fido_cbor_info_free(&ci); | 221 | fido_cbor_info_free(&ci); |
380 | } | 222 | } |
381 | 223 | ||
@@ -386,9 +228,8 @@ dev_set_pin(struct param *p) | |||
386 | 228 | ||
387 | set_wire_data(p->set_pin_wire_data.body, p->set_pin_wire_data.len); | 229 | set_wire_data(p->set_pin_wire_data.body, p->set_pin_wire_data.len); |
388 | 230 | ||
389 | if ((dev = prepare_dev()) == NULL) { | 231 | if ((dev = prepare_dev()) == NULL) |
390 | return; | 232 | return; |
391 | } | ||
392 | 233 | ||
393 | fido_dev_set_pin(dev, p->pin1, NULL); | 234 | fido_dev_set_pin(dev, p->pin1, NULL); |
394 | fido_dev_close(dev); | 235 | fido_dev_close(dev); |
@@ -402,9 +243,8 @@ dev_change_pin(struct param *p) | |||
402 | 243 | ||
403 | set_wire_data(p->change_pin_wire_data.body, p->change_pin_wire_data.len); | 244 | set_wire_data(p->change_pin_wire_data.body, p->change_pin_wire_data.len); |
404 | 245 | ||
405 | if ((dev = prepare_dev()) == NULL) { | 246 | if ((dev = prepare_dev()) == NULL) |
406 | return; | 247 | return; |
407 | } | ||
408 | 248 | ||
409 | fido_dev_set_pin(dev, p->pin2, p->pin1); | 249 | fido_dev_set_pin(dev, p->pin2, p->pin1); |
410 | fido_dev_close(dev); | 250 | fido_dev_close(dev); |
@@ -419,9 +259,8 @@ dev_get_retry_count(struct param *p) | |||
419 | 259 | ||
420 | set_wire_data(p->retry_wire_data.body, p->retry_wire_data.len); | 260 | set_wire_data(p->retry_wire_data.body, p->retry_wire_data.len); |
421 | 261 | ||
422 | if ((dev = prepare_dev()) == NULL) { | 262 | if ((dev = prepare_dev()) == NULL) |
423 | return; | 263 | return; |
424 | } | ||
425 | 264 | ||
426 | fido_dev_get_retry_count(dev, &n); | 265 | fido_dev_get_retry_count(dev, &n); |
427 | consume(&n, sizeof(n)); | 266 | consume(&n, sizeof(n)); |
@@ -436,12 +275,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) | |||
436 | 275 | ||
437 | memset(&p, 0, sizeof(p)); | 276 | memset(&p, 0, sizeof(p)); |
438 | 277 | ||
439 | if (unpack(data, size, &p) < 0) | 278 | if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || |
279 | unpack(data, size, &p) < 0) | ||
440 | return (0); | 280 | return (0); |
441 | 281 | ||
442 | srandom((unsigned int)p.seed); | 282 | prng_init((unsigned int)p.seed); |
443 | 283 | ||
444 | fido_init(0); | 284 | fido_init(FIDO_DEBUG); |
285 | fido_set_log_handler(consume_str); | ||
445 | 286 | ||
446 | dev_reset(&p); | 287 | dev_reset(&p); |
447 | dev_get_cbor_info(&p); | 288 | dev_get_cbor_info(&p); |