Fuzz introspector: der_roundtrip
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
4 62 2 :

['ERR_put_error', 'cbb_on_error(cbb_st*)']

4 62 CBB_flush call site: 00073 /src/boringssl/crypto/bytestring/cbb.cc:258
4 4 1 :

['cbb_on_error(cbb_st*)']

4 4 cbb_add_u(cbb_st*,unsignedlong,unsignedlong) call site: 00000 /src/boringssl/crypto/bytestring/cbb.cc:441
2 2 1 :

['OPENSSL_memory_get_size']

2 88 OPENSSL_realloc call site: 00081 /src/boringssl/crypto/mem.cc:273
2 2 1 :

['OPENSSL_memory_alloc']

2 60 OPENSSL_malloc call site: 00031 /src/boringssl/crypto/mem.cc:191
2 2 1 :

['__errno_location']

2 6 ERR_put_error call site: 00037 /src/boringssl/crypto/err/err.cc:591
2 2 1 :

['OPENSSL_memory_free']

2 2 OPENSSL_free call site: 00086 /src/boringssl/crypto/mem.cc:243
2 2 1 :

['abort']

2 2 CRYPTO_once call site: 00040 /src/boringssl/crypto/thread_pthread.cc:59
0 77 1 :

['BN_new']

0 206 BN_bin2bn call site: 00161 /src/boringssl/crypto/fipsmodule/bn/bytes.cc.inc:53
0 58 1 :

['ERR_put_error']

0 58 CBB_finish call site: 00217 /src/boringssl/crypto/bytestring/cbb.cc:125
0 58 1 :

['ERR_put_error']

0 58 bn_wexpand call site: 00164 /src/boringssl/crypto/fipsmodule/bn/bn.cc.inc:305
0 58 1 :

['ERR_put_error']

0 58 OPENSSL_malloc call site: 00034 /src/boringssl/crypto/mem.cc:206
0 20 1 :

['ECDSA_SIG_free']

0 20 ECDSA_SIG_new call site: 00140 /src/boringssl/crypto/ecdsa/ecdsa_asn1.cc:162

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 CBS_init [function] [call site] 00001
1 CBS_get_any_asn1 [function] [call site] 00002
2 CBS_get_any_asn1_element [function] [call site] 00003
3 cbs_get_any_asn1_element(cbs_st*, cbs_st*, unsigned int*, unsigned long*, int*, int*, int) [function] [call site] 00004
4 __assert_fail [call site] 00005
4 __assert_fail [call site] 00006
4 parse_asn1_tag(cbs_st*, unsigned int*) [function] [call site] 00007
5 CBS_get_u8 [function] [call site] 00008
6 cbs_get(cbs_st*, unsigned char const**, unsigned long) [function] [call site] 00009
5 parse_base128_integer(cbs_st*, unsigned long*) [function] [call site] 00010
6 CBS_get_u8 [function] [call site] 00011
4 CBS_get_u8 [function] [call site] 00012
4 CBS_len [function] [call site] 00013
4 CBS_get_bytes [function] [call site] 00014
5 cbs_get(cbs_st*, unsigned char const**, unsigned long) [function] [call site] 00015
5 CBS_init [function] [call site] 00016
4 cbs_get_u(cbs_st*, unsigned long*, unsigned long) [function] [call site] 00017
5 cbs_get(cbs_st*, unsigned char const**, unsigned long) [function] [call site] 00018
4 CBS_get_bytes [function] [call site] 00019
2 CBS_skip [function] [call site] 00020
3 cbs_get(cbs_st*, unsigned char const**, unsigned long) [function] [call site] 00021
2 __assert_fail [call site] 00022
1 CBS_len [function] [call site] 00023
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::StackAllocated() [function] [call site] 00024
2 CBB_zero [function] [call site] 00025
3 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00026
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::get() [function] [call site] 00027
1 CBB_init [function] [call site] 00028
2 CBB_zero [function] [call site] 00029
2 OPENSSL_malloc [function] [call site] 00030
3 should_fail_allocation() [function] [call site] 00031
3 __assert_fail [call site] 00032
3 __assert_fail [call site] 00033
3 OPENSSL_memory_alloc [call site] 00034
3 __asan_poison_memory_region(void const*, unsigned long) [function] [call site] 00035
3 ERR_put_error [function] [call site] 00036
4 err_get_state() [function] [call site] 00037
5 CRYPTO_get_thread_local [function] [call site] 00038
6 CRYPTO_once [function] [call site] 00039
7 pthread_once [call site] 00040
7 abort [call site] 00041
6 thread_local_init() [function] [call site] 00042
7 pthread_key_create [call site] 00043
7 thread_local_destructor(void*) [function] [call site] 00044
8 pthread_mutex_lock [call site] 00045
8 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00046
8 pthread_mutex_unlock [call site] 00047
6 pthread_getspecific [call site] 00048
5 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00049
5 CRYPTO_set_thread_local [function] [call site] 00050
6 CRYPTO_once [function] [call site] 00051
6 thread_local_init() [function] [call site] 00052
6 pthread_getspecific [call site] 00053
6 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00054
6 pthread_setspecific [call site] 00055
6 pthread_mutex_lock [call site] 00056
6 pthread_mutex_unlock [call site] 00057
5 err_state_free(void*) [function] [call site] 00058
6 err_clear((anonymous namespace)::err_error_st*) [function] [call site] 00059
7 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00060
4 __errno_location [call site] 00061
4 err_clear((anonymous namespace)::err_error_st*) [function] [call site] 00062
2 cbb_init(cbb_st*, unsigned char*, unsigned long, int) [function] [call site] 00063
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::get() [function] [call site] 00064
1 CBS_data [function] [call site] 00065
1 CBS_len [function] [call site] 00066
1 CBB_add_asn1_element [function] [call site] 00067
2 CBB_add_asn1 [function] [call site] 00068
3 CBB_flush [function] [call site] 00069
4 cbb_get_base(cbb_st*) [function] [call site] 00070
4 __assert_fail [call site] 00071
4 __assert_fail [call site] 00072
4 CBB_flush [function] [call site] 00073
5 __assert_fail [call site] 00074
5 ERR_put_error [function] [call site] 00075
5 cbb_buffer_add(cbb_buffer_st*, unsigned char**, unsigned long) [function] [call site] 00076
6 cbb_buffer_reserve(cbb_buffer_st*, unsigned char**, unsigned long) [function] [call site] 00077
7 ERR_put_error [function] [call site] 00078
7 ERR_put_error [function] [call site] 00079
7 OPENSSL_realloc [function] [call site] 00080
8 OPENSSL_malloc [function] [call site] 00081
8 OPENSSL_memory_get_size [call site] 00082
8 __asan_unpoison_memory_region(void const*, unsigned long) [function] [call site] 00083
8 __asan_poison_memory_region(void const*, unsigned long) [function] [call site] 00084
8 OPENSSL_malloc [function] [call site] 00085
8 OPENSSL_free [function] [call site] 00086
9 OPENSSL_memory_free [call site] 00087
9 __asan_unpoison_memory_region(void const*, unsigned long) [function] [call site] 00088
9 OPENSSL_cleanse [function] [call site] 00089
10 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00090
5 OPENSSL_memmove(void*, void const*, unsigned long) [function] [call site] 00091
5 ERR_put_error [function] [call site] 00092
5 cbb_on_error(cbb_st*) [function] [call site] 00093
6 cbb_get_base(cbb_st*) [function] [call site] 00094
3 CBB_add_u8 [function] [call site] 00095
4 cbb_add_u(cbb_st*, unsigned long, unsigned long) [function] [call site] 00096
5 CBB_add_space [function] [call site] 00097
6 CBB_flush [function] [call site] 00098
6 cbb_get_base(cbb_st*) [function] [call site] 00099
6 cbb_buffer_add(cbb_buffer_st*, unsigned char**, unsigned long) [function] [call site] 00100
5 cbb_on_error(cbb_st*) [function] [call site] 00101
3 add_base128_integer(cbb_st*, unsigned long) [function] [call site] 00102
4 CBB_add_u8 [function] [call site] 00103
3 CBB_add_u8 [function] [call site] 00104
3 cbb_add_child(cbb_st*, cbb_st*, unsigned char, int) [function] [call site] 00105
4 __assert_fail [call site] 00106
4 __assert_fail [call site] 00107
4 cbb_get_base(cbb_st*) [function] [call site] 00108
4 cbb_buffer_add(cbb_buffer_st*, unsigned char**, unsigned long) [function] [call site] 00109
4 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00110
4 CBB_zero [function] [call site] 00111
2 CBB_add_bytes [function] [call site] 00112
3 CBB_add_space [function] [call site] 00113
3 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00114
2 CBB_flush [function] [call site] 00115
2 cbb_on_error(cbb_st*) [function] [call site] 00116
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::get() [function] [call site] 00117
1 CBB_len [function] [call site] 00118
2 __assert_fail [call site] 00119
2 __assert_fail [call site] 00120
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::get() [function] [call site] 00121
1 CBB_data [function] [call site] 00122
2 __assert_fail [call site] 00123
1 memcmp [call site] 00124
1 abort [call site] 00125
1 bssl::internal::StackAllocated<cbb_st, void, &CBB_zero, &CBB_cleanup>::~StackAllocated() [function] [call site] 00126
2 CBB_cleanup [function] [call site] 00127
3 __assert_fail [call site] 00128
3 OPENSSL_free [function] [call site] 00129
2 __clang_call_terminate [call site] 00130
3 __cxa_begin_catch [call site] 00131
1 ECDSA_SIG_from_bytes [function] [call site] 00132
2 CBS_init [function] [call site] 00133
2 ECDSA_SIG_parse [function] [call site] 00134
3 ECDSA_SIG_new [function] [call site] 00135
4 OPENSSL_malloc [function] [call site] 00136
4 BN_new [function] [call site] 00137
5 OPENSSL_malloc [function] [call site] 00138
5 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00139
4 BN_new [function] [call site] 00140
4 ECDSA_SIG_free [function] [call site] 00141
5 BN_free [function] [call site] 00142
6 OPENSSL_free [function] [call site] 00143
6 OPENSSL_free [function] [call site] 00144
5 BN_free [function] [call site] 00145
5 OPENSSL_free [function] [call site] 00146
3 CBS_get_asn1 [function] [call site] 00147
4 cbs_get_asn1(cbs_st*, cbs_st*, unsigned int, int) [function] [call site] 00148
5 CBS_get_any_asn1_element [function] [call site] 00149
5 CBS_skip [function] [call site] 00150
5 __assert_fail [call site] 00151
3 BN_parse_asn1_unsigned [function] [call site] 00152
4 CBS_get_asn1 [function] [call site] 00153
4 CBS_is_valid_asn1_integer [function] [call site] 00154
5 CBS_get_u8 [function] [call site] 00155
5 CBS_get_u8 [function] [call site] 00156
4 ERR_put_error [function] [call site] 00157
4 ERR_put_error [function] [call site] 00158
4 CBS_data [function] [call site] 00159
4 CBS_len [function] [call site] 00160
4 BN_bin2bn [function] [call site] 00161
5 BN_new [function] [call site] 00162
5 bn_wexpand [function] [call site] 00163
6 ERR_put_error [function] [call site] 00164
6 ERR_put_error [function] [call site] 00165
6 OPENSSL_calloc [function] [call site] 00166
7 ERR_put_error [function] [call site] 00167
7 OPENSSL_zalloc [function] [call site] 00168
8 OPENSSL_malloc [function] [call site] 00169
8 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00170
6 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00171
6 OPENSSL_free [function] [call site] 00172
5 BN_free [function] [call site] 00173
5 __assert_fail [call site] 00174
5 bn_big_endian_to_words [function] [call site] 00175
6 abort [call site] 00176
6 CRYPTO_load_word_be(void const*) [function] [call site] 00177
7 OPENSSL_memcpy(void*, void const*, unsigned long) [function] [call site] 00178
7 CRYPTO_bswap8(unsigned long) [function] [call site] 00179
6 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00180
3 BN_parse_asn1_unsigned [function] [call site] 00181
3 CBS_len [function] [call site] 00182
3 ERR_put_error [function] [call site] 00183
3 ECDSA_SIG_free [function] [call site] 00184
2 CBS_len [function] [call site] 00185
2 ERR_put_error [function] [call site] 00186
2 ECDSA_SIG_free [function] [call site] 00187
1 ECDSA_SIG_to_bytes [function] [call site] 00188
2 CBB_zero [function] [call site] 00189
2 CBB_init [function] [call site] 00190
2 ECDSA_SIG_marshal [function] [call site] 00191
3 CBB_add_asn1 [function] [call site] 00192
3 BN_marshal_asn1 [function] [call site] 00193
4 BN_is_negative [function] [call site] 00194
4 ERR_put_error [function] [call site] 00195
4 CBB_add_asn1 [function] [call site] 00196
4 BN_num_bits [function] [call site] 00197
5 bn_minimal_width [function] [call site] 00198
5 BN_num_bits_word [function] [call site] 00199
4 CBB_add_u8 [function] [call site] 00200
4 BN_num_bytes [function] [call site] 00201
5 BN_num_bits [function] [call site] 00202
4 BN_bn2cbb_padded [function] [call site] 00203
5 CBB_add_space [function] [call site] 00204
5 BN_bn2bin_padded [function] [call site] 00205
6 fits_in_bytes(unsigned long const*, unsigned long, unsigned long) [function] [call site] 00206
6 bn_words_to_big_endian [function] [call site] 00207
7 fits_in_bytes(unsigned long const*, unsigned long, unsigned long) [function] [call site] 00208
7 constant_time_declassify_int(int) [function] [call site] 00209
8 value_barrier_u32(unsigned int) [function] [call site] 00210
7 __assert_fail [call site] 00211
7 OPENSSL_memset(void*, int, unsigned long) [function] [call site] 00212
4 CBB_flush [function] [call site] 00213
4 ERR_put_error [function] [call site] 00214
3 CBB_flush [function] [call site] 00215
3 ERR_put_error [function] [call site] 00216
2 CBB_finish [function] [call site] 00217
3 ERR_put_error [function] [call site] 00218
3 CBB_flush [function] [call site] 00219
3 CBB_cleanup [function] [call site] 00220
2 ERR_put_error [function] [call site] 00221
2 CBB_cleanup [function] [call site] 00222
1 memcmp [call site] 00223
1 abort [call site] 00224
1 OPENSSL_free [function] [call site] 00225
1 ECDSA_SIG_free [function] [call site] 00226