diff options
Diffstat (limited to 'regress/unittests/sshkey/test_fuzz.c')
| -rw-r--r-- | regress/unittests/sshkey/test_fuzz.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index a3f61a6df..1f08a2e43 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: test_fuzz.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */ | 1 | /* $OpenBSD: test_fuzz.c,v 1.4 2015/03/04 23:22:35 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Fuzz tests for key parsing | 3 | * Fuzz tests for key parsing |
| 4 | * | 4 | * |
| @@ -53,7 +53,7 @@ public_fuzz(struct sshkey *k) | |||
| 53 | struct fuzz *fuzz; | 53 | struct fuzz *fuzz; |
| 54 | 54 | ||
| 55 | ASSERT_PTR_NE(buf = sshbuf_new(), NULL); | 55 | ASSERT_PTR_NE(buf = sshbuf_new(), NULL); |
| 56 | ASSERT_INT_EQ(sshkey_to_blob_buf(k, buf), 0); | 56 | ASSERT_INT_EQ(sshkey_putb(k, buf), 0); |
| 57 | /* XXX need a way to run the tests in "slow, but complete" mode */ | 57 | /* XXX need a way to run the tests in "slow, but complete" mode */ |
| 58 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */ | 58 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */ |
| 59 | FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */ | 59 | FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */ |
| @@ -87,8 +87,11 @@ sig_fuzz(struct sshkey *k) | |||
| 87 | free(sig); | 87 | free(sig); |
| 88 | TEST_ONERROR(onerror, fuzz); | 88 | TEST_ONERROR(onerror, fuzz); |
| 89 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 89 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { |
| 90 | sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz), | 90 | /* Ensure 1-bit difference at least */ |
| 91 | c, sizeof(c), 0); | 91 | if (fuzz_matches_original(fuzz)) |
| 92 | continue; | ||
| 93 | ASSERT_INT_NE(sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz), | ||
| 94 | c, sizeof(c), 0), 0); | ||
| 92 | } | 95 | } |
| 93 | fuzz_cleanup(fuzz); | 96 | fuzz_cleanup(fuzz); |
| 94 | } | 97 | } |
| @@ -101,6 +104,7 @@ sshkey_fuzz_tests(void) | |||
| 101 | struct fuzz *fuzz; | 104 | struct fuzz *fuzz; |
| 102 | int r; | 105 | int r; |
| 103 | 106 | ||
| 107 | #ifdef WITH_SSH1 | ||
| 104 | TEST_START("fuzz RSA1 private"); | 108 | TEST_START("fuzz RSA1 private"); |
| 105 | buf = load_file("rsa1_1"); | 109 | buf = load_file("rsa1_1"); |
| 106 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | | 110 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | |
| @@ -144,6 +148,7 @@ sshkey_fuzz_tests(void) | |||
| 144 | sshbuf_free(fuzzed); | 148 | sshbuf_free(fuzzed); |
| 145 | fuzz_cleanup(fuzz); | 149 | fuzz_cleanup(fuzz); |
| 146 | TEST_DONE(); | 150 | TEST_DONE(); |
| 151 | #endif | ||
| 147 | 152 | ||
| 148 | TEST_START("fuzz RSA private"); | 153 | TEST_START("fuzz RSA private"); |
| 149 | buf = load_file("rsa_1"); | 154 | buf = load_file("rsa_1"); |