/src/libssh/tests/fuzz/ssh_sshsig_fuzzer.c

Source (jump to first uncovered line)
/*
 * Copyright 2025 Jakub Jelen <jjelen@redhat.com>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LIBSSH_STATIC 1
#include "libssh/libssh.h"

static void _fuzz_finalize(void)
{
    ssh_finalize();
}

int LLVMFuzzerInitialize(int *argc, char ***argv)
{
    (void)argc;
    (void)argv;

    ssh_init();

    atexit(_fuzz_finalize);

    return 0;
}

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    ssh_key pkey = NULL;
    const char input[] = "badc0de";
    const char namespace[] = "namespace";
    char *signature = NULL;
    int rc;

    signature = (char *)malloc(size + 1);
    if (signature == NULL) {
        return 1;
    }
    strncpy(signature, (const char *)data, size);
    signature[size] = '\0';

    rc = sshsig_verify(input, sizeof(input), signature, namespace, &pkey);
    free(signature);
    if (rc != SSH_OK) {
        return 1;
    }
    ssh_key_free(pkey);

    return 0;
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2025 Jakub Jelen <jjelen@redhat.com>
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16
17		#include <stdio.h>
18		#include <stdlib.h>
19		#include <string.h>
20
21		#define LIBSSH_STATIC 1
22		#include "libssh/libssh.h"
23
24		static void _fuzz_finalize(void)
25	2	{
26	2	ssh_finalize();
27	2	}
28
29		int LLVMFuzzerInitialize(int argc, char **argv)
30	2	{
31	2	(void)argc;
32	2	(void)argv;
33
34	2	ssh_init();
35
36	2	atexit(_fuzz_finalize);
37
38	2	return 0;
39	2	}
40
41		int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
42	179	{
43	179	ssh_key pkey = NULL;
44	179	const char input[] = "badc0de";
45	179	const char namespace[] = "namespace";
46	179	char *signature = NULL;
47	179	int rc;
48
49	179	signature = (char *)malloc(size + 1);
50	179	if (signature == NULL) {
51	0	return 1;
52	0	}
53	179	strncpy(signature, (const char *)data, size);
54	179	signature[size] = '\0';
55
56	179	rc = sshsig_verify(input, sizeof(input), signature, namespace, &pkey);
57	179	free(signature);
58	179	if (rc != SSH_OK) {
59	179	return 1;
60	179	}
61	0	ssh_key_free(pkey);
62
63	0	return 0;
64	179	}

Coverage Report

Created: 2025-09-04 07:58