Coverage Report

Created: 2025-04-11 06:34

/src/botan/src/fuzzer/barrett.cpp
Line
Count
Source (jump to first uncovered line)
1
/*
2
* (C) 2018,2020 Jack Lloyd
3
*
4
* Botan is released under the Simplified BSD License (see license.txt)
5
*/
6
7
#include "fuzzers.h"
8
9
#include <botan/numthry.h>
10
#include <botan/reducer.h>
11
#include <botan/internal/divide.h>
12
13
1.33k
void fuzz(std::span<const uint8_t> in) {
14
1.33k
   static const size_t max_bits = 4096;
15
16
1.33k
   if(in.size() <= 4) {
17
4
      return;
18
4
   }
19
20
1.33k
   if(in.size() > 2 * (max_bits / 8)) {
21
19
      return;
22
19
   }
23
24
1.31k
   const size_t x_len = 2 * ((in.size() + 2) / 3);
25
26
1.31k
   Botan::BigInt x = Botan::BigInt::from_bytes(in.subspan(0, x_len));
27
1.31k
   const Botan::BigInt p = Botan::BigInt::from_bytes(in.subspan(x_len, in.size() - x_len));
28
29
1.31k
   if(p.is_zero()) {
30
2
      return;
31
2
   }
32
33
1.31k
   const size_t x_bits = x.bits();
34
1.31k
   if(x_bits % 8 == 0 && x_bits / 8 == x_len) {
35
766
      x.flip_sign();
36
766
   }
37
38
1.31k
   const Botan::BigInt ref = x % p;
39
40
1.31k
   const Botan::Modular_Reducer mod_p(p);
41
1.31k
   const Botan::BigInt z = mod_p.reduce(x);
42
43
1.31k
   const Botan::BigInt ct = ct_modulo(x, p);
44
45
1.31k
   if(ref != z || ref != ct) {
46
0
      FUZZER_WRITE_AND_CRASH("X = " << x.to_hex_string() << "\n"
47
0
                                    << "P = " << p.to_hex_string() << "\n"
48
0
                                    << "Barrett = " << z.to_hex_string() << "\n"
49
0
                                    << "Ct = " << ct.to_hex_string() << "\n"
50
0
                                    << "Ref = " << ref.to_hex_string() << "\n");
51
0
   }
52
1.31k
}