/src/nss/fuzz/targets/asn1.cc

Source (jump to first uncovered line)
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include <cstddef>
#include <cstdint>

#include "certt.h"
#include "keythi.h"
#include "secasn1.h"
#include "secdert.h"

#include "asn1/mutators.h"
#include "base/mutate.h"

const SEC_ASN1Template *templates[] = {CERT_AttributeTemplate,
                                       CERT_CertExtensionTemplate,
                                       CERT_CertificateRequestTemplate,
                                       CERT_CertificateTemplate,
                                       CERT_IssuerAndSNTemplate,
                                       CERT_NameTemplate,
                                       CERT_PublicKeyAndChallengeTemplate,
                                       CERT_RDNTemplate,
                                       CERT_SequenceOfCertExtensionTemplate,
                                       CERT_SetOfAttributeTemplate,
                                       CERT_SignedDataTemplate,
                                       CERT_SubjectPublicKeyInfoTemplate,
                                       CERT_TimeChoiceTemplate,
                                       CERT_ValidityTemplate,
                                       SEC_AnyTemplate,
                                       SEC_BitStringTemplate,
                                       SEC_BMPStringTemplate,
                                       SEC_BooleanTemplate,
                                       SEC_CertSequenceTemplate,
                                       SEC_EnumeratedTemplate,
                                       SEC_GeneralizedTimeTemplate,
                                       SEC_IA5StringTemplate,
                                       SEC_IntegerTemplate,
                                       SEC_NullTemplate,
                                       SEC_ObjectIDTemplate,
                                       SEC_OctetStringTemplate,
                                       SEC_PointerToAnyTemplate,
                                       SEC_PointerToEnumeratedTemplate,
                                       SEC_PointerToGeneralizedTimeTemplate,
                                       SEC_PointerToOctetStringTemplate,
                                       SEC_PrintableStringTemplate,
                                       SEC_SetOfAnyTemplate,
                                       SEC_SetOfEnumeratedTemplate,
                                       SEC_SequenceOfAnyTemplate,
                                       SEC_SequenceOfObjectIDTemplate,
                                       SEC_SignedCertificateTemplate,
                                       SEC_SkipTemplate,
                                       SEC_T61StringTemplate,
                                       SEC_UniversalStringTemplate,
                                       SEC_UTCTimeTemplate,
                                       SEC_UTF8StringTemplate,
                                       SEC_VisibleStringTemplate,
                                       SECKEY_DHParamKeyTemplate,
                                       SECKEY_DHPublicKeyTemplate,
                                       SECKEY_DSAPrivateKeyExportTemplate,
                                       SECKEY_DSAPublicKeyTemplate,
                                       SECKEY_PQGParamsTemplate,
                                       SECKEY_PrivateKeyInfoTemplate,
                                       SECKEY_RSAPSSParamsTemplate,
                                       SECKEY_RSAPublicKeyTemplate,
                                       SECOID_AlgorithmIDTemplate};

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  static char *dest[2048];

  PORTCheapArenaPool pool;
  PORT_InitCheapArena(&pool, DER_DEFAULT_CHUNKSIZE);

  for (auto tpl : templates) {
    memset(dest, 0, sizeof(dest));

    SECItem buf = {siBuffer, (unsigned char *)data, (unsigned int)size};
    (void)SEC_ASN1DecodeItem(&pool.arena, dest, tpl, &buf);
  }

  PORT_DestroyCheapArena(&pool);

  return 0;
}

extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *data, size_t size,
                                          size_t max_size, unsigned int seed) {
  return CustomMutate(
      Mutators({ASN1Mutators::FlipConstructed, ASN1Mutators::ChangeType}), data,
      size, max_size, seed);
}

Line	Count	Source (jump to first uncovered line)
1		/* This Source Code Form is subject to the terms of the Mozilla Public
2		* License, v. 2.0. If a copy of the MPL was not distributed with this
3		* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5		#include <cstddef>
6		#include <cstdint>
7
8		#include "certt.h"
9		#include "keythi.h"
10		#include "secasn1.h"
11		#include "secdert.h"
12
13		#include "asn1/mutators.h"
14		#include "base/mutate.h"
15
16		const SEC_ASN1Template *templates[] = {CERT_AttributeTemplate,
17		CERT_CertExtensionTemplate,
18		CERT_CertificateRequestTemplate,
19		CERT_CertificateTemplate,
20		CERT_IssuerAndSNTemplate,
21		CERT_NameTemplate,
22		CERT_PublicKeyAndChallengeTemplate,
23		CERT_RDNTemplate,
24		CERT_SequenceOfCertExtensionTemplate,
25		CERT_SetOfAttributeTemplate,
26		CERT_SignedDataTemplate,
27		CERT_SubjectPublicKeyInfoTemplate,
28		CERT_TimeChoiceTemplate,
29		CERT_ValidityTemplate,
30		SEC_AnyTemplate,
31		SEC_BitStringTemplate,
32		SEC_BMPStringTemplate,
33		SEC_BooleanTemplate,
34		SEC_CertSequenceTemplate,
35		SEC_EnumeratedTemplate,
36		SEC_GeneralizedTimeTemplate,
37		SEC_IA5StringTemplate,
38		SEC_IntegerTemplate,
39		SEC_NullTemplate,
40		SEC_ObjectIDTemplate,
41		SEC_OctetStringTemplate,
42		SEC_PointerToAnyTemplate,
43		SEC_PointerToEnumeratedTemplate,
44		SEC_PointerToGeneralizedTimeTemplate,
45		SEC_PointerToOctetStringTemplate,
46		SEC_PrintableStringTemplate,
47		SEC_SetOfAnyTemplate,
48		SEC_SetOfEnumeratedTemplate,
49		SEC_SequenceOfAnyTemplate,
50		SEC_SequenceOfObjectIDTemplate,
51		SEC_SignedCertificateTemplate,
52		SEC_SkipTemplate,
53		SEC_T61StringTemplate,
54		SEC_UniversalStringTemplate,
55		SEC_UTCTimeTemplate,
56		SEC_UTF8StringTemplate,
57		SEC_VisibleStringTemplate,
58		SECKEY_DHParamKeyTemplate,
59		SECKEY_DHPublicKeyTemplate,
60		SECKEY_DSAPrivateKeyExportTemplate,
61		SECKEY_DSAPublicKeyTemplate,
62		SECKEY_PQGParamsTemplate,
63		SECKEY_PrivateKeyInfoTemplate,
64		SECKEY_RSAPSSParamsTemplate,
65		SECKEY_RSAPublicKeyTemplate,
66		SECOID_AlgorithmIDTemplate};
67
68	2.48k	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
69	2.48k	static char *dest[2048];
70
71	2.48k	PORTCheapArenaPool pool;
72	2.48k	PORT_InitCheapArena(&pool, DER_DEFAULT_CHUNKSIZE);
73
74	126k	for (auto tpl : templates) {
75	126k	memset(dest, 0, sizeof(dest));
76
77	126k	SECItem buf = {siBuffer, (unsigned char *)data, (unsigned int)size};
78	126k	(void)SEC_ASN1DecodeItem(&pool.arena, dest, tpl, &buf);
79	126k	}
80
81	2.48k	PORT_DestroyCheapArena(&pool);
82
83	2.48k	return 0;
84	2.48k	}
85
86		extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *data, size_t size,
87	0	size_t max_size, unsigned int seed) {
88	0	return CustomMutate(
89	0	Mutators({ASN1Mutators::FlipConstructed, ASN1Mutators::ChangeType}), data,
90	0	size, max_size, seed);
91	0	}

Coverage Report

Created: 2025-07-11 07:04