Coverage Report

Created: 2025-12-04 06:33

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl32/fuzz/decoder.c
Line
Count
Source
1
/*
2
 * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License");
5
 * you may not use this file except in compliance with the License.
6
 * You may obtain a copy of the License at
7
 * https://www.openssl.org/source/license.html
8
 * or in the file LICENSE in the source distribution.
9
 */
10
11
#include <openssl/decoder.h>
12
#include <openssl/err.h>
13
#include <openssl/rand.h>
14
#include "fuzzer.h"
15
16
static ASN1_PCTX *pctx;
17
18
int FuzzerInitialize(int *argc, char ***argv)
19
242
{
20
242
    FuzzerSetRand();
21
22
242
    OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS
23
242
                        | OPENSSL_INIT_ADD_ALL_CIPHERS
24
242
                        | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
25
26
242
    pctx = ASN1_PCTX_new();
27
242
    ASN1_PCTX_set_flags(pctx, ASN1_PCTX_FLAGS_SHOW_ABSENT
28
242
                              | ASN1_PCTX_FLAGS_SHOW_SEQUENCE
29
242
                              | ASN1_PCTX_FLAGS_SHOW_SSOF
30
242
                              | ASN1_PCTX_FLAGS_SHOW_TYPE
31
242
                              | ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME);
32
242
    ASN1_PCTX_set_str_flags(pctx, ASN1_STRFLGS_UTF8_CONVERT
33
242
                                  | ASN1_STRFLGS_SHOW_TYPE
34
242
                                  | ASN1_STRFLGS_DUMP_ALL);
35
36
242
    ERR_clear_error();
37
242
    CRYPTO_free_ex_index(0, -1);
38
242
    return 1;
39
242
}
40
41
int FuzzerTestOneInput(const uint8_t *buf, size_t len)
42
43.9k
{
43
43.9k
    OSSL_DECODER_CTX *dctx;
44
43.9k
    EVP_PKEY *pkey = NULL;
45
43.9k
    EVP_PKEY_CTX *ctx = NULL;
46
43.9k
    BIO *bio;
47
48
43.9k
    bio = BIO_new(BIO_s_null());
49
43.9k
    dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, NULL, NULL, NULL, 0, NULL,
50
43.9k
                                                NULL);
51
43.9k
    if (dctx == NULL) {
52
0
        return 0;
53
0
    }
54
43.9k
    if (OSSL_DECODER_from_data(dctx, &buf, &len)) {
55
22.9k
        EVP_PKEY *pkey2;
56
57
22.9k
        EVP_PKEY_print_public(bio, pkey, 1, pctx);
58
22.9k
        EVP_PKEY_print_private(bio, pkey, 1, pctx);
59
22.9k
        EVP_PKEY_print_params(bio, pkey, 1, pctx);
60
61
22.9k
        pkey2 = EVP_PKEY_dup(pkey);
62
22.9k
        OPENSSL_assert(pkey2 != NULL);
63
22.9k
        EVP_PKEY_eq(pkey, pkey2);
64
22.9k
        EVP_PKEY_free(pkey2);
65
66
22.9k
        ctx = EVP_PKEY_CTX_new(pkey, NULL);
67
        /*
68
         * Param check will take too long time on large DH parameters.
69
         * Skip it.
70
         */
71
22.9k
        if ((!EVP_PKEY_is_a(pkey, "DH") && !EVP_PKEY_is_a(pkey, "DHX"))
72
10.4k
            || EVP_PKEY_get_bits(pkey) <= 2048)
73
22.8k
            EVP_PKEY_param_check(ctx);
74
75
22.9k
        EVP_PKEY_public_check(ctx);
76
        /* Private and pairwise checks are unbounded, skip for large keys. */
77
22.9k
        if (EVP_PKEY_get_bits(pkey) <= 4096) {
78
21.0k
            EVP_PKEY_private_check(ctx);
79
21.0k
            EVP_PKEY_pairwise_check(ctx);
80
21.0k
        }
81
22.9k
        OPENSSL_assert(ctx != NULL);
82
22.9k
        EVP_PKEY_CTX_free(ctx);
83
22.9k
        EVP_PKEY_free(pkey);
84
22.9k
    }
85
43.9k
    OSSL_DECODER_CTX_free(dctx);
86
87
43.9k
    BIO_free(bio);
88
43.9k
    ERR_clear_error();
89
43.9k
    return 0;
90
43.9k
}
91
92
void FuzzerCleanup(void)
93
0
{
94
0
    ASN1_PCTX_free(pctx);
95
0
    FuzzerClearRand();
96
0
}