Fuzz introspector: read_pem
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
31 33 3 :

['sk_void_free', 'CRYPTO_get_ex_data', 'CRYPTO_atomic_load_u32']

31 33 CRYPTO_free_ex_data call site: 00131 /src/boringssl/crypto/ex_data.cc:113
2 2 1 :

['OPENSSL_memory_get_size']

2 88 OPENSSL_realloc call site: 00069 /src/boringssl/crypto/mem.cc:273
2 2 1 :

['OPENSSL_memory_alloc']

2 60 OPENSSL_malloc call site: 00034 /src/boringssl/crypto/mem.cc:191
2 2 1 :

['__errno_location']

2 6 ERR_put_error call site: 00004 /src/boringssl/crypto/err/err.cc:591
2 2 1 :

['OPENSSL_memmove(void*, void const*, unsigned long)']

2 2 mem_read(bio_st*,char*,int) call site: 00000 /src/boringssl/crypto/bio/bio_mem.cc:106
2 2 1 :

['OPENSSL_memory_free']

2 2 OPENSSL_free call site: 00042 /src/boringssl/crypto/mem.cc:243
2 2 1 :

['abort']

2 2 CRYPTO_once call site: 00007 /src/boringssl/crypto/thread_pthread.cc:59
0 58 1 :

['ERR_put_error']

0 58 BIO_new_mem_buf call site: 00002 /src/boringssl/crypto/bio/bio_mem.cc:33
0 58 1 :

['ERR_put_error']

0 58 BUF_MEM_reserve call site: 00066 /src/boringssl/crypto/buf/buf.cc:49
0 58 1 :

['ERR_put_error']

0 58 OPENSSL_malloc call site: 00037 /src/boringssl/crypto/mem.cc:206
0 0 None 12 910 PEM_read_bio call site: 00064 /src/boringssl/crypto/pem/pem_lib.cc:592
0 0 None 12 808 PEM_read_bio call site: 00077 /src/boringssl/crypto/pem/pem_lib.cc:601

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 BIO_new_mem_buf [function] [call site] 00001
2 strlen [call site] 00002
2 ERR_put_error [function] [call site] 00003
3 err_get_state() [function] [call site] 00004
4 CRYPTO_get_thread_local [function] [call site] 00005
5 CRYPTO_once [function] [call site] 00006
6 pthread_once [call site] 00007
6 abort [call site] 00008
5 thread_local_init() [function] [call site] 00009
6 pthread_key_create [call site] 00010
6 thread_local_destructor(void*) [function] [call site] 00011
7 pthread_mutex_lock [call site] 00012
7 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00013
7 pthread_mutex_unlock [call site] 00014
5 pthread_getspecific [call site] 00015
4 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00016
4 CRYPTO_set_thread_local [function] [call site] 00017
5 CRYPTO_once [function] [call site] 00018
5 thread_local_init() [function] [call site] 00019
5 pthread_getspecific [call site] 00020
5 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00021
5 pthread_setspecific [call site] 00022
5 pthread_mutex_lock [call site] 00023
5 pthread_mutex_unlock [call site] 00024
4 err_state_free(void*) [function] [call site] 00025
5 err_clear((anonymous namespace)::err_error_st*) [function] [call site] 00026
6 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00027
3 __errno_location [call site] 00028
3 err_clear((anonymous namespace)::err_error_st*) [function] [call site] 00029
2 BIO_s_mem [function] [call site] 00030
2 BIO_new [function] [call site] 00031
3 OPENSSL_zalloc [function] [call site] 00032
4 OPENSSL_malloc [function] [call site] 00033
5 should_fail_allocation() [function] [call site] 00034
5 __assert_fail [call site] 00035
5 __assert_fail [call site] 00036
5 OPENSSL_memory_alloc [call site] 00037
5 __asan_poison_memory_region(void const*, unsigned long) [function] [call site] 00038
5 ERR_put_error [function] [call site] 00039
4 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00040
3 CRYPTO_new_ex_data [function] [call site] 00041
3 OPENSSL_free [function] [call site] 00042
4 OPENSSL_memory_free [call site] 00043
4 __asan_unpoison_memory_region(void const*, unsigned long) [function] [call site] 00044
4 OPENSSL_cleanse [function] [call site] 00045
5 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00046
1 PEM_read_bio [function] [call site] 00047
2 BUF_MEM_new [function] [call site] 00048
3 OPENSSL_zalloc [function] [call site] 00049
2 BUF_MEM_new [function] [call site] 00050
2 BUF_MEM_new [function] [call site] 00051
2 BUF_MEM_free [function] [call site] 00052
3 OPENSSL_free [function] [call site] 00053
3 OPENSSL_free [function] [call site] 00054
2 BUF_MEM_free [function] [call site] 00055
2 BUF_MEM_free [function] [call site] 00056
2 BIO_gets [function] [call site] 00057
3 ERR_put_error [function] [call site] 00058
3 ERR_put_error [function] [call site] 00059
2 ERR_put_error [function] [call site] 00060
2 strncmp [call site] 00061
2 strlen [call site] 00062
2 strncmp [call site] 00063
2 BUF_MEM_grow [function] [call site] 00064
3 BUF_MEM_reserve [function] [call site] 00065
4 ERR_put_error [function] [call site] 00066
4 ERR_put_error [function] [call site] 00067
4 OPENSSL_realloc [function] [call site] 00068
5 OPENSSL_malloc [function] [call site] 00069
5 OPENSSL_memory_get_size [call site] 00070
5 __asan_unpoison_memory_region(void const*, unsigned long) [function] [call site] 00071
5 __asan_poison_memory_region(void const*, unsigned long) [function] [call site] 00072
5 OPENSSL_malloc [function] [call site] 00073
5 OPENSSL_free [function] [call site] 00074
3 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00075
2 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00076
2 BUF_MEM_grow [function] [call site] 00077
2 BUF_MEM_grow [function] [call site] 00079
2 strncmp [call site] 00080
2 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00081
2 BUF_MEM_grow [function] [call site] 00082
2 strncmp [call site] 00084
2 BUF_MEM_grow_clean [function] [call site] 00085
3 BUF_MEM_grow [function] [call site] 00086
2 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00087
2 strlen [call site] 00089
2 strncmp [call site] 00090
2 strncmp [call site] 00091
2 strncmp [call site] 00092
2 ERR_put_error [function] [call site] 00093
2 EVP_DecodeInit [function] [call site] 00094
3 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00095
2 EVP_DecodeUpdate [function] [call site] 00096
3 base64_decode_quad(unsigned char*, unsigned long*, unsigned char const*) [function] [call site] 00097
4 base64_ascii_to_bin(unsigned char) [function] [call site] 00098
5 constant_time_in_range_8(unsigned char, unsigned char, unsigned char) [function] [call site] 00099
6 constant_time_lt_args_8(unsigned char, unsigned char) [function] [call site] 00100
7 constant_time_msb_w(unsigned long) [function] [call site] 00101
5 constant_time_in_range_8(unsigned char, unsigned char, unsigned char) [function] [call site] 00102
5 constant_time_in_range_8(unsigned char, unsigned char, unsigned char) [function] [call site] 00103
5 constant_time_eq_8(unsigned long, unsigned long) [function] [call site] 00104
6 constant_time_eq_w(unsigned long, unsigned long) [function] [call site] 00105
7 constant_time_is_zero_w(unsigned long) [function] [call site] 00106
8 constant_time_msb_w(unsigned long) [function] [call site] 00107
5 constant_time_eq_8(unsigned long, unsigned long) [function] [call site] 00108
5 constant_time_eq_8(unsigned long, unsigned long) [function] [call site] 00109
4 base64_ascii_to_bin(unsigned char) [function] [call site] 00110
4 base64_ascii_to_bin(unsigned char) [function] [call site] 00111
4 base64_ascii_to_bin(unsigned char) [function] [call site] 00112
2 ERR_put_error [function] [call site] 00113
2 EVP_DecodeFinal [function] [call site] 00114
2 ERR_put_error [function] [call site] 00115
2 OPENSSL_free [function] [call site] 00116
2 OPENSSL_free [function] [call site] 00117
2 OPENSSL_free [function] [call site] 00118
2 BUF_MEM_free [function] [call site] 00119
2 BUF_MEM_free [function] [call site] 00120
2 BUF_MEM_free [function] [call site] 00121
1 OPENSSL_free [function] [call site] 00122
1 OPENSSL_free [function] [call site] 00123
1 OPENSSL_free [function] [call site] 00124
1 BIO_free [function] [call site] 00125
2 CRYPTO_refcount_dec_and_test_zero [function] [call site] 00126
3 CRYPTO_atomic_load_u32 [function] [call site] 00127
3 abort [call site] 00128
3 CRYPTO_atomic_compare_exchange_weak_u32 [function] [call site] 00129
2 CRYPTO_free_ex_data [function] [call site] 00131
3 CRYPTO_atomic_load_u32 [function] [call site] 00132
3 __assert_fail [call site] 00133
3 CRYPTO_get_ex_data [function] [call site] 00134
4 sk_void_num [function] [call site] 00135
5 OPENSSL_sk_num [function] [call site] 00136
4 sk_void_value [function] [call site] 00137
5 OPENSSL_sk_value [function] [call site] 00138
3 sk_void_free [function] [call site] 00139
4 OPENSSL_sk_free [function] [call site] 00140
5 OPENSSL_free [function] [call site] 00141
5 OPENSSL_free [function] [call site] 00142
2 OPENSSL_free [function] [call site] 00143
1 ERR_clear_error [function] [call site] 00144
2 err_get_state() [function] [call site] 00145
2 err_clear((anonymous namespace)::err_error_st*) [function] [call site] 00146