Coverage for /pythoncovmergedfiles/medio/medio/src/fuzz_ntlm_auth.py: 50%

44 statements  

« prev     ^ index     » next       coverage.py v7.3.1, created at 2023-09-25 07:03 +0000

1###### Coverage stub 

2import atexit 

3import coverage 

4cov = coverage.coverage(data_file='.coverage', cover_pylib=True) 

5cov.start() 

6# Register an exist handler that will print coverage 

7def exit_handler(): 

8 cov.stop() 

9 cov.save() 

10atexit.register(exit_handler) 

11####### End of coverage stub 

12#!/usr/bin/python3 

13# Copyright 2023 Google LLC 

14# 

15# Licensed under the Apache License, Version 2.0 (the "License"); 

16# you may not use this file except in compliance with the License. 

17# You may obtain a copy of the License at 

18# 

19# http://www.apache.org/licenses/LICENSE-2.0 

20# 

21# Unless required by applicable law or agreed to in writing, software 

22# distributed under the License is distributed on an "AS IS" BASIS, 

23# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

24# See the License for the specific language governing permissions and 

25# limitations under the License. 

26import sys 

27import atheris 

28 

29import ntlm_auth.compute_hash as compute_hash 

30import ntlm_auth.compute_keys as compute_keys 

31from ntlm_auth.constants import SignSealConstants 

32from ntlm_auth.compute_response import ComputeResponse 

33 

34 

35def fuzz_hash(data): 

36 fdp = atheris.FuzzedDataProvider(data) 

37 compute_hash._lmowfv1(fdp.ConsumeUnicodeNoSurrogates(256)) 

38 compute_hash._ntowfv1(fdp.ConsumeUnicodeNoSurrogates(256)) 

39 

40 

41def fuzz_compute_response(data): 

42 fdp = atheris.FuzzedDataProvider(data) 

43 ComputeResponse._get_NTLMv1_response(fdp.ConsumeUnicodeNoSurrogates(256), 

44 fdp.ConsumeBytes(124)) 

45 ComputeResponse._get_NTLM2_response(fdp.ConsumeUnicodeNoSurrogates(256), 

46 fdp.ConsumeBytes(124), 

47 fdp.ConsumeBytes(124)) 

48 ComputeResponse._get_LMv1_response(fdp.ConsumeUnicodeNoSurrogates(256), 

49 fdp.ConsumeBytes(124)) 

50 ComputeResponse._get_LMv2_response(fdp.ConsumeUnicodeNoSurrogates(256), 

51 fdp.ConsumeUnicodeNoSurrogates(256), 

52 fdp.ConsumeUnicodeNoSurrogates(256), 

53 fdp.ConsumeBytes(124), 

54 fdp.ConsumeBytes(124)) 

55 

56 

57def fuzz_compute_keys(data): 

58 fdp = atheris.FuzzedDataProvider(data) 

59 try: 

60 compute_keys._get_exchange_key_ntlm_v1(fdp.ConsumeInt(4), 

61 fdp.ConsumeBytes(124), 

62 fdp.ConsumeBytes(124), 

63 fdp.ConsumeBytes(124), 

64 fdp.ConsumeBytes(124)) 

65 except ValueError: 

66 pass 

67 try: 

68 compute_keys.get_seal_key(fdp.ConsumeInt(4), fdp.ConsumeBytes(124), 

69 SignSealConstants.CLIENT_SEALING) 

70 except ValueError: 

71 pass 

72 

73 

74def TestOneInput(data): 

75 fuzz_hash(data) 

76 fuzz_compute_response(data) 

77 fuzz_compute_keys(data) 

78 

79 

80def main(): 

81 atheris.instrument_all() 

82 atheris.Setup(sys.argv, TestOneInput) 

83 atheris.Fuzz() 

84 

85 

86if __name__ == "__main__": 

87 main()