Fuzz introspector: TestFuzzCryptoCertificateDataSetPEM
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
469 500 4 :

['WLog_AddStringLogFilters_int', 'GetEnvironmentVariableA', 'malloc', 'free']

469 500 WLog_ParseFilters call site: 00240 /src/FreeRDP/winpr/libwinpr/utils/wlog/wlog.c:772
469 469 1 :

['log_recursion']

469 938 WLog_Write call site: 00037 /src/FreeRDP/winpr/libwinpr/utils/wlog/wlog.c:245
469 469 1 :

['WaitForCriticalSection']

469 477 EnterCriticalSection call site: 00038 /src/FreeRDP/winpr/libwinpr/synch/critical.c:186
469 469 1 :

['UnWaitCriticalSection']

469 469 LeaveCriticalSection call site: 00074 /src/FreeRDP/winpr/libwinpr/synch/critical.c:241
29 29 1 :

['Pcap_Close']

29 29 WLog_ConsoleAppender_Free call site: 00000 /src/FreeRDP/winpr/libwinpr/utils/wlog/ConsoleAppender.c:243
20 51 4 :

['GetEnvironmentVariableA', '_stricmp', 'malloc', 'free']

22 1460 WLog_InitializeRoot call site: 00186 /src/FreeRDP/winpr/libwinpr/utils/wlog/wlog.c:127
18 487 2 :

['WLog_SetLogLevel', 'WLog_Free']

18 956 WLog_New call site: 00160 /src/FreeRDP/winpr/libwinpr/utils/wlog/wlog.c:944
4 473 3 :

['WLog_Print_dbg_tag.2061', 'Sleep', 'InterlockedCompareExchangePointer']

4 473 winpr_InitOnceExecuteOnce call site: 00013 /src/FreeRDP/winpr/libwinpr/synch/init.c:67
3 3 1 :

['cert_blob_free']

3 3 certificate_free_x509_certificate_chain call site: 00320 /src/FreeRDP/libfreerdp/crypto/certificate.c:464
2 2 1 :

['BIO_new_file']

24 24 extract_chain_from_pem call site: 00263 /src/FreeRDP/libfreerdp/crypto/certificate.c:1353
2 2 1 :

['BIO_new_file']

6 6 x509_utils_from_pem call site: 00006 /src/FreeRDP/libfreerdp/crypto/x509_utils.c:628
2 2 2 :

['free', 'realloc']

2 471 WLog_AddChild call site: 00177 /src/FreeRDP/winpr/libwinpr/utils/wlog/wlog.c:994

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 calloc [call site] 00001
1 freerdp_certificate_data_new_from_pem [function] [call site] 00002
2 freerdp_certificate_new_from_pem [function] [call site] 00003
3 freerdp_certificate_new_from [function] [call site] 00004
4 strlen [call site] 00005
4 x509_utils_from_pem [function] [call site] 00006
5 BIO_new_file [call site] 00007
5 BIO_new_mem_buf [call site] 00008
5 WLog_Print_dbg_tag [function] [call site] 00009
6 WLog_Get [function] [call site] 00010
7 WLog_GetRoot [function] [call site] 00011
8 winpr_InitOnceExecuteOnce [function] [call site] 00012
9 InterlockedCompareExchangePointer [function] [call site] 00013
10 winpr_int_assert [function] [call site] 00014
11 WLog_Get [function] [call site] 00015
12 WLog_Get_int [function] [call site] 00016
13 WLog_FindChild [function] [call site] 00017
14 WLog_Lock [function] [call site] 00018
15 winpr_int_assert [function] [call site] 00019
16 WLog_IsLevelActive [function] [call site] 00020
17 WLog_GetLogLevel [function] [call site] 00021
18 WLog_GetFilterLogLevel [function] [call site] 00022
19 _stricmp [function] [call site] 00023
20 strcasecmp [call site] 00024
19 __assert_fail [call site] 00025
19 _stricmp [function] [call site] 00026
19 __assert_fail [call site] 00027
18 WLog_GetLogLevel [function] [call site] 00028
16 WLog_PrintTextMessage [function] [call site] 00029
17 WLog_PrintTextMessageVA [function] [call site] 00030
18 strchr [call site] 00031
18 WLog_Write [function] [call site] 00032
19 WLog_GetLogAppender [function] [call site] 00033
20 WLog_GetLogAppender [function] [call site] 00034
19 WLog_OpenAppender [function] [call site] 00035
20 WLog_GetLogAppender [function] [call site] 00036
19 EnterCriticalSection [function] [call site] 00037
20 winpr_int_assert [function] [call site] 00038
21 winpr_log_backtrace_ex [function] [call site] 00039
22 winpr_backtrace [function] [call site] 00040
23 winpr_unwind_backtrace [function] [call site] 00041
24 calloc [call site] 00042
24 calloc [call site] 00043
24 _Unwind_Backtrace [call site] 00044
24 unwind_backtrace_callback [function] [call site] 00045
25 __assert_fail [call site] 00046
25 _Unwind_GetIP [call site] 00047
25 _Unwind_GetLanguageSpecificData [call site] 00048
24 unwind_reason_str_buffer [function] [call site] 00049
25 unwind_reason_str [function] [call site] 00050
25 snprintf [call site] 00051
24 WLog_Print_dbg_tag [function] [call site] 00052
25 WLog_IsLevelActive [function] [call site] 00053
25 WLog_PrintMessageVA [function] [call site] 00054
26 strchr [call site] 00055
26 WLog_Write [function] [call site] 00056
27 log_recursion [function] [call site] 00057
28 winpr_backtrace [function] [call site] 00058
28 winpr_backtrace_symbols [function] [call site] 00059
29 WLog_Print_dbg_tag [function] [call site] 00060
29 winpr_unwind_backtrace_symbols [function] [call site] 00061
30 calloc [call site] 00062
30 dladdr [call site] 00063
30 snprintf [call site] 00064
30 snprintf [call site] 00065
28 fprintf [call site] 00066
28 fprintf [call site] 00067
28 fprintf [call site] 00068
28 winpr_backtrace_free [function] [call site] 00069
29 winpr_unwind_backtrace_free [function] [call site] 00070
27 LeaveCriticalSection [function] [call site] 00071
28 winpr_int_assert [function] [call site] 00072
29 abort [call site] 00073
28 InterlockedDecrement [function] [call site] 00074
29 winpr_int_assert [function] [call site] 00075
28 UnWaitCriticalSection [function] [call site] 00076
29 winpr_int_assert [function] [call site] 00077
29 sem_post [call site] 00078
28 InterlockedDecrement [function] [call site] 00079
26 vsnprintf [call site] 00080
26 WLog_Write [function] [call site] 00081
26 WLog_WriteData [function] [call site] 00082
27 WLog_GetLogAppender [function] [call site] 00083
27 WLog_OpenAppender [function] [call site] 00084
27 EnterCriticalSection [function] [call site] 00085
28 InterlockedIncrement [function] [call site] 00086
29 winpr_int_assert [function] [call site] 00087
28 GetCurrentThreadId [function] [call site] 00088
29 syscall [call site] 00089
28 WaitForCriticalSection [function] [call site] 00090
29 winpr_int_assert [function] [call site] 00091
29 sem_wait [call site] 00092
28 GetCurrentThreadId [function] [call site] 00093
27 log_recursion [function] [call site] 00094
27 LeaveCriticalSection [function] [call site] 00095
26 WLog_WriteImage [function] [call site] 00096
27 WLog_GetLogAppender [function] [call site] 00097
27 WLog_OpenAppender [function] [call site] 00098
27 EnterCriticalSection [function] [call site] 00099
27 log_recursion [function] [call site] 00100
27 LeaveCriticalSection [function] [call site] 00101
26 WLog_WritePacket [function] [call site] 00102
27 WLog_GetLogAppender [function] [call site] 00103
27 WLog_OpenAppender [function] [call site] 00104
27 EnterCriticalSection [function] [call site] 00105
27 log_recursion [function] [call site] 00106
27 LeaveCriticalSection [function] [call site] 00107
24 winpr_unwind_backtrace_free [function] [call site] 00108
22 WLog_IsLevelActive [function] [call site] 00109
22 WLog_PrintTextMessage [function] [call site] 00110
22 winpr_backtrace_symbols [function] [call site] 00111
22 WLog_IsLevelActive [function] [call site] 00112
22 WLog_PrintTextMessage [function] [call site] 00113
22 winpr_backtrace_free [function] [call site] 00114
18 vsnprintf [call site] 00115
18 WLog_Write [function] [call site] 00116
15 EnterCriticalSection [function] [call site] 00117
14 strcmp [call site] 00118
14 WLog_Unlock [function] [call site] 00119
15 winpr_int_assert [function] [call site] 00120
15 LeaveCriticalSection [function] [call site] 00121
13 WLog_New [function] [call site] 00122
14 calloc [call site] 00123
14 _strdup [function] [call site] 00124
15 strdup [call site] 00125
15 WLog_Print_dbg_tag [function] [call site] 00126
14 WLog_ParseName [function] [call site] 00127
15 strchr [call site] 00128
15 _strdup [function] [call site] 00129
15 calloc [call site] 00130
15 strchr [call site] 00131
14 calloc [call site] 00132
14 GetEnvironmentVariableA [function] [call site] 00133
15 getenv [call site] 00134
15 SetLastError [function] [call site] 00135
16 NtCurrentTeb [function] [call site] 00136
17 pthread_once [call site] 00137
17 sTebInitOnce [function] [call site] 00138
18 pthread_key_create [call site] 00139
18 sTebDestruct [function] [call site] 00140
17 pthread_getspecific [call site] 00141
17 calloc [call site] 00142
17 pthread_setspecific [call site] 00143
15 strlen [call site] 00144
14 GetEnvironmentVariableA [function] [call site] 00145
14 fprintf [call site] 00146
14 WLog_ParseLogLevel [function] [call site] 00147
15 _stricmp [function] [call site] 00148
15 _stricmp [function] [call site] 00149
15 _stricmp [function] [call site] 00150
15 _stricmp [function] [call site] 00151
15 _stricmp [function] [call site] 00152
15 _stricmp [function] [call site] 00153
15 _stricmp [function] [call site] 00154
14 WLog_SetLogLevel [function] [call site] 00155
15 WLog_UpdateInheritLevel [function] [call site] 00156
16 WLog_UpdateInheritLevel [function] [call site] 00157
15 WLog_reset_log_filters [function] [call site] 00158
16 WLog_reset_log_filters [function] [call site] 00159
14 WLog_GetFilterLogLevel [function] [call site] 00160
14 WLog_SetLogLevel [function] [call site] 00161
14 InitializeCriticalSectionAndSpinCount [function] [call site] 00162
15 InitializeCriticalSectionEx [function] [call site] 00163
16 winpr_int_assert [function] [call site] 00164
16 WLog_Print_dbg_tag [function] [call site] 00165
16 sem_init [call site] 00166
16 SetCriticalSectionSpinCount [function] [call site] 00167
17 winpr_int_assert [function] [call site] 00168
14 WLog_Free [function] [call site] 00169
15 WLog_Appender_Free [function] [call site] 00170
16 WLog_Layout_Free [function] [call site] 00171
16 DeleteCriticalSection [function] [call site] 00172
17 winpr_int_assert [function] [call site] 00173
17 sem_destroy [call site] 00174
15 DeleteCriticalSection [function] [call site] 00175
13 WLog_AddChild [function] [call site] 00176
14 WLog_Lock [function] [call site] 00177
14 realloc [call site] 00178
14 WLog_Unlock [function] [call site] 00179
13 WLog_Free [function] [call site] 00180
9 WLog_Print_dbg_tag [function] [call site] 00181
9 Sleep [function] [call site] 00182
10 usleep [call site] 00183
8 WLog_InitializeRoot [function] [call site] 00184
9 WLog_New [function] [call site] 00185
9 GetEnvironmentVariableA [function] [call site] 00186
9 GetEnvironmentVariableA [function] [call site] 00187
9 fprintf [call site] 00188
9 _stricmp [function] [call site] 00189
9 _stricmp [function] [call site] 00190
9 _stricmp [function] [call site] 00191
9 _stricmp [function] [call site] 00192
9 _stricmp [function] [call site] 00193
9 WLog_SetLogAppenderType [function] [call site] 00194
10 WLog_Appender_Free [function] [call site] 00195
10 WLog_Appender_New [function] [call site] 00196
11 WLog_ConsoleAppender_New [function] [call site] 00197
12 calloc [call site] 00198
11 WLog_FileAppender_New [function] [call site] 00199
12 calloc [call site] 00200
12 GetEnvironmentVariableA [function] [call site] 00201
12 GetEnvironmentVariableA [function] [call site] 00202
12 WLog_FileAppender_SetOutputFilePath [function] [call site] 00203
13 _strdup [function] [call site] 00204
12 GetEnvironmentVariableA [function] [call site] 00205
12 GetEnvironmentVariableA [function] [call site] 00206
12 WLog_FileAppender_SetOutputFileName [function] [call site] 00207
13 _strdup [function] [call site] 00208
11 WLog_BinaryAppender_New [function] [call site] 00209
12 calloc [call site] 00210
11 WLog_CallbackAppender_New [function] [call site] 00211
12 calloc [call site] 00212
11 WLog_SyslogAppender_New [function] [call site] 00213
12 calloc [call site] 00214
11 WLog_UdpAppender_New [function] [call site] 00215
12 calloc [call site] 00216
12 _socket [function] [call site] 00217
13 socket [call site] 00218
12 GetEnvironmentVariableA [function] [call site] 00219
12 GetEnvironmentVariableA [function] [call site] 00220
12 WLog_UdpAppender_Open [function] [call site] 00221
13 strchr [call site] 00222
13 winpr_int_assert [function] [call site] 00223
13 getaddrinfo [call site] 00224
13 freeaddrinfo [call site] 00225
13 freeaddrinfo [call site] 00226
12 _strdup [function] [call site] 00227
12 closesocket [function] [call site] 00228
13 close [call site] 00229
11 fprintf [call site] 00230
11 WLog_ConsoleAppender_New [function] [call site] 00231
11 WLog_Layout_New [function] [call site] 00232
12 calloc [call site] 00233
12 GetEnvironmentVariableA [function] [call site] 00234
12 GetEnvironmentVariableA [function] [call site] 00235
12 _strdup [function] [call site] 00236
11 WLog_Appender_Free [function] [call site] 00237
11 InitializeCriticalSectionAndSpinCount [function] [call site] 00238
9 WLog_ParseFilters [function] [call site] 00239
10 GetEnvironmentVariableA [function] [call site] 00240
10 GetEnvironmentVariableA [function] [call site] 00241
10 WLog_AddStringLogFilters_int [function] [call site] 00242
11 strchr [call site] 00243
11 realloc [call site] 00244
11 _strdup [function] [call site] 00245
11 strchr [call site] 00246
11 WLog_ParseFilter [function] [call site] 00247
12 strchr [call site] 00248
12 _strdup [function] [call site] 00249
12 calloc [call site] 00250
12 strrchr [call site] 00251
12 WLog_ParseLogLevel [function] [call site] 00252
12 strchr [call site] 00253
11 WLog_reset_log_filters [function] [call site] 00254
9 atexit [call site] 00255
9 WLog_Uninit_ [function] [call site] 00256
10 WLog_Free [function] [call site] 00257
10 WLog_Free [function] [call site] 00258
9 WLog_Uninit_ [function] [call site] 00259
5 PEM_read_bio_X509 [call site] 00260
5 BIO_free_all [call site] 00261
5 WLog_Print_dbg_tag [function] [call site] 00262
4 extract_chain_from_pem [function] [call site] 00263
5 BIO_new_file [call site] 00264
5 strlen [call site] 00265
5 winpr_int_assert [function] [call site] 00266
5 BIO_new_mem_buf [call site] 00267
5 PEM_read_bio_X509 [call site] 00268
5 BIO_free [call site] 00269
5 sk_X509_new_null [function] [call site] 00270
6 OPENSSL_sk_new_null [call site] 00271
5 X509_free [call site] 00272
5 BIO_free [call site] 00273
5 PEM_read_bio_X509 [call site] 00274
5 sk_X509_push [function] [call site] 00275
6 OPENSSL_sk_push [call site] 00276
5 X509_free [call site] 00277
5 BIO_free [call site] 00278
4 freerdp_certificate_new_from_x509 [function] [call site] 00279
5 winpr_int_assert [function] [call site] 00280
5 freerdp_certificate_new [function] [call site] 00281
6 calloc [call site] 00282
5 X509_dup [call site] 00283
5 freerdp_rsa_from_x509 [function] [call site] 00284
6 winpr_int_assert [function] [call site] 00285
6 freerdp_certificate_is_rsa [function] [call site] 00286
7 winpr_int_assert [function] [call site] 00287
7 is_rsa_key [function] [call site] 00288
8 X509_get0_pubkey [call site] 00289
8 EVP_PKEY_id [call site] 00290
6 X509_get0_pubkey [call site] 00291
6 EVP_PKEY_get1_RSA [call site] 00292
6 RSA_get0_key [call site] 00293
6 cert_info_create [function] [call site] 00294
7 winpr_int_assert [function] [call site] 00295
7 winpr_int_assert [function] [call site] 00296
7 read_bignum [function] [call site] 00297
8 winpr_int_assert [function] [call site] 00298
8 winpr_int_assert [function] [call site] 00299
8 winpr_int_assert [function] [call site] 00300
8 BN_num_bits [call site] 00301
8 BN_bn2bin [call site] 00302
8 crypto_reverse [function] [call site] 00303
7 read_bignum [function] [call site] 00304
7 cert_info_free [function] [call site] 00305
8 winpr_int_assert [function] [call site] 00306
6 RSA_free [call site] 00307
5 sk_X509_deep_copy [function] [call site] 00308
6 OPENSSL_sk_deep_copy [call site] 00309
5 X509_const_dup [function] [call site] 00310
6 X509_dup [call site] 00311
5 X509_free [call site] 00312
5 freerdp_certificate_free [function] [call site] 00313
6 certificate_free_int [function] [call site] 00314
7 winpr_int_assert [function] [call site] 00315
7 X509_free [call site] 00316
7 sk_X509_pop_free [function] [call site] 00317
8 OPENSSL_sk_pop_free [call site] 00318
7 X509_free [call site] 00319
7 certificate_free_x509_certificate_chain [function] [call site] 00320
8 cert_blob_free [function] [call site] 00321
7 cert_info_free [function] [call site] 00322
4 sk_X509_pop_free [function] [call site] 00323
4 X509_free [call site] 00324
4 X509_free [call site] 00325
2 freerdp_certificate_data_new_nocopy [function] [call site] 00326
3 calloc [call site] 00327
3 _strdup [function] [call site] 00328
3 strlen [call site] 00329
3 ensure_lowercase [function] [call site] 00330
4 strnlen [call site] 00331
4 tolower [call site] 00332
3 freerdp_certificate_data_load_cache [function] [call site] 00333
4 winpr_int_assert [function] [call site] 00334
4 freerdp_certificate_data_hash_ [function] [call site] 00335
5 snprintf [call site] 00336
5 ensure_lowercase [function] [call site] 00337
4 strnlen [call site] 00338
4 freerdp_certificate_get_subject [function] [call site] 00339
5 winpr_int_assert [function] [call site] 00340
5 x509_utils_get_subject [function] [call site] 00341
6 WLog_Print_dbg_tag [function] [call site] 00342
6 X509_get_subject_name [call site] 00343
6 crypto_print_name [function] [call site] 00344
7 BIO_s_mem [call site] 00345
7 BIO_new [call site] 00346
7 X509_NAME_print_ex [call site] 00347
7 BIO_number_written [call site] 00348
7 calloc [call site] 00349
7 ERR_clear_error [call site] 00350
7 BIO_read [call site] 00351
7 BIO_free_all [call site] 00352
6 WLog_Print_dbg_tag [function] [call site] 00353
4 calloc [call site] 00354
4 freerdp_certificate_get_pem_ex [function] [call site] 00355
5 winpr_int_assert [function] [call site] 00356
5 BIO_s_mem [call site] 00357
5 BIO_new [call site] 00358
5 WLog_Print_dbg_tag [function] [call site] 00359
5 PEM_write_bio_X509 [call site] 00360
5 WLog_Print_dbg_tag [function] [call site] 00361
5 sk_X509_num [function] [call site] 00362
6 OPENSSL_sk_num [call site] 00363
5 sk_X509_value [function] [call site] 00364
6 OPENSSL_sk_value [call site] 00365
5 PEM_write_bio_X509 [call site] 00366
5 WLog_Print_dbg_tag [function] [call site] 00367
5 bio_read_pem [function] [call site] 00368
6 winpr_int_assert [function] [call site] 00369
6 winpr_int_assert [function] [call site] 00370
6 realloc [call site] 00371
6 ERR_clear_error [call site] 00372
6 BIO_read [call site] 00373
6 WLog_Print_dbg_tag [function] [call site] 00374
5 BIO_free_all [call site] 00375
4 freerdp_certificate_get_pem_ex [function] [call site] 00376
4 freerdp_certificate_get_fingerprint [function] [call site] 00377
5 freerdp_certificate_get_fingerprint_by_hash [function] [call site] 00378
6 freerdp_certificate_get_fingerprint_by_hash_ex [function] [call site] 00379
7 WLog_Print_dbg_tag [function] [call site] 00380
7 WLog_Print_dbg_tag [function] [call site] 00381
7 x509_utils_get_hash [function] [call site] 00382
8 EVP_get_digestbyname [call site] 00383
8 WLog_Print_dbg_tag [function] [call site] 00384
8 WLog_Print_dbg_tag [function] [call site] 00385
8 calloc [call site] 00386
8 WLog_Print_dbg_tag [function] [call site] 00387
8 X509_digest [call site] 00388
8 WLog_Print_dbg_tag [function] [call site] 00389
7 calloc [call site] 00390
7 snprintf [call site] 00391
7 snprintf [call site] 00392
7 snprintf [call site] 00393
4 freerdp_certificate_get_issuer [function] [call site] 00394
5 winpr_int_assert [function] [call site] 00395
5 x509_utils_get_issuer [function] [call site] 00396
6 WLog_Print_dbg_tag [function] [call site] 00397
6 X509_get_issuer_name [call site] 00398
6 crypto_print_name [function] [call site] 00399
6 WLog_Print_dbg_tag [function] [call site] 00400
4 calloc [call site] 00401
3 freerdp_certificate_data_free [function] [call site] 00402
4 freerdp_certificate_free [function] [call site] 00403
2 freerdp_certificate_free [function] [call site] 00404
1 freerdp_certificate_data_free [function] [call site] 00405