Fuzz introspector: mosquitto_passwd_fuzz_load
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 102 | 102 | 1: ['update_file'] | 118 | 136 | mosquitto_passwd_fuzz_main | call site: 00160 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:657 |
| 53 | 53 | 1: ['delete_pwuser'] | 69 | 87 | mosquitto_passwd_fuzz_main | call site: 00159 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:655 |
| 34 | 34 | 1: ['get_password'] | 56 | 181 | mosquitto_passwd_fuzz_main | call site: 00182 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:660 |
| 12 | 12 | 5: ['EVP_MD_CTX_free', 'EVP_DigestUpdate', 'EVP_MD_CTX_new', 'EVP_DigestFinal_ex', 'EVP_DigestInit_ex'] | 14 | 14 | pw__hash | call site: 00107 | /src/mosquitto/apps/mosquitto_passwd/../../common/password_mosq.c:91 |
| 4 | 4 | 2: ['getuid', 'getpwuid_r'] | 12 | 12 | mosquitto__fopen | call site: 00095 | /src/mosquitto/apps/mosquitto_passwd/../../common/misc_mosq.c:189 |
| 4 | 4 | 2: ['getgrgid_r', 'getgid'] | 6 | 6 | mosquitto__fopen | call site: 00098 | /src/mosquitto/apps/mosquitto_passwd/../../common/misc_mosq.c:208 |
| 2 | 2 | 1: ['fopen'] | 22 | 22 | mosquitto__fopen | call site: 00085 | /src/mosquitto/apps/mosquitto_passwd/../../common/misc_mosq.c:139 |
| 0 | 56 | 1: ['output_new_password'] | 40 | 143 | mosquitto_passwd_fuzz_main | call site: 00067 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:603 |
| 0 | 0 | None | 299 | 749 | mosquitto_passwd_fuzz_main | call site: 00032 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:472 |
| 0 | 0 | None | 299 | 749 | mosquitto_passwd_fuzz_main | call site: 00038 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:488 |
| 0 | 0 | None | 299 | 749 | mosquitto_passwd_fuzz_main | call site: 00039 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:490 |
| 0 | 0 | None | 299 | 749 | mosquitto_passwd_fuzz_main | call site: 00040 | /src/mosquitto/apps/mosquitto_passwd/mosquitto_passwd.c:492 |

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 getpid [call site] 00001
1 fopen [call site] 00002
1 fwrite [call site] 00003
1 fclose [call site] 00004
1 run_mosquitto_passwd(char*) [function] [call site] 00005
2 strdup [call site] 00006
2 strdup [call site] 00007
2 strdup [call site] 00008
2 strdup [call site] 00009
2 mosquitto_passwd_fuzz_main [function] [call site] 00010
3 signal [call site] 00011
3 handle_sigint [function] [call site] 00012
4 get_password__reset_term [function] [call site] 00013
5 tcgetattr [call site] 00014
5 tcsetattr [call site] 00015
4 exit [call site] 00016
3 signal [call site] 00017
3 handle_sigint [function] [call site] 00018
3 OPENSSL_init_crypto [call site] 00019
3 print_usage [function] [call site] 00020
4 printf [call site] 00021
4 printf [call site] 00022
4 printf [call site] 00023
4 printf [call site] 00024
4 printf [call site] 00025
4 printf [call site] 00026
4 printf [call site] 00027
4 printf [call site] 00028
4 printf [call site] 00029
4 printf [call site] 00030
4 printf [call site] 00031
3 strcmp [call site] 00032
3 fprintf [call site] 00033
3 strcmp [call site] 00034
3 strcmp [call site] 00035
3 fprintf [call site] 00036
3 strcmp [call site] 00037
3 strcmp [call site] 00038
3 strcmp [call site] 00039
3 strcmp [call site] 00040
3 fprintf [call site] 00041
3 atoi [call site] 00042
3 fprintf [call site] 00043
3 strcmp [call site] 00044
3 fprintf [call site] 00045
3 fprintf [call site] 00046
3 fprintf [call site] 00047
3 fprintf [call site] 00048
3 fprintf [call site] 00049
3 fprintf [call site] 00050
3 fprintf [call site] 00051
3 fprintf [call site] 00052
3 print_usage [function] [call site] 00053
3 is_username_valid [function] [call site] 00054
4 strlen [call site] 00055
4 fprintf [call site] 00056
4 __ctype_b_loc [call site] 00057
4 fprintf [call site] 00058
4 strchr [call site] 00059
4 fprintf [call site] 00060
3 strlen [call site] 00061
3 fprintf [call site] 00062
3 realpath [call site] 00063
3 __errno_location [call site] 00064
3 strdup [call site] 00065
3 fprintf [call site] 00066
3 __errno_location [call site] 00067
3 get_password [function] [call site] 00068
4 printf [call site] 00069
4 fflush [call site] 00070
4 gets_quiet [function] [call site] 00071
5 tcgetattr [call site] 00072
5 tcsetattr [call site] 00073
5 fgets [call site] 00074
5 tcsetattr [call site] 00075
5 strlen [call site] 00076
5 strlen [call site] 00077
5 strlen [call site] 00078
4 gets_quiet [function] [call site] 00079
4 fprintf [call site] 00080
4 printf [call site] 00081
4 strcmp [call site] 00082
4 fprintf [call site] 00083
4 strncpy [call site] 00084
3 mosquitto__fopen [function] [call site] 00085
4 umask [call site] 00086
4 strlen [call site] 00087
4 open [call site] 00088
4 fdopen [call site] 00089
4 umask [call site] 00090
4 fopen [call site] 00091
4 fileno [call site] 00092
4 fclose [call site] 00093
4 fprintf [call site] 00094
4 getuid [call site] 00095
4 getuid [call site] 00096
4 fprintf [call site] 00097
4 getgid [call site] 00098
4 getgid [call site] 00099
4 fprintf [call site] 00100
4 fclose [call site] 00101
3 __errno_location [call site] 00102
3 printf [call site] 00103
3 output_new_password [function] [call site] 00104
4 fprintf [call site] 00105
4 pw__hash [function] [call site] 00106
5 RAND_bytes [call site] 00107
5 EVP_DigestInit_ex [call site] 00108
5 strlen [call site] 00109
5 EVP_DigestUpdate [call site] 00110
5 EVP_DigestFinal_ex [call site] 00111
5 EVP_MD_CTX_free [call site] 00112
5 strlen [call site] 00113
4 fprintf [call site] 00114
4 base64__encode [function] [call site] 00115
5 BIO_f_base64 [call site] 00116
5 BIO_s_mem [call site] 00117
5 BIO_free_all [call site] 00118
5 BIO_push [call site] 00119
5 BIO_write [call site] 00120
5 BIO_ctrl [call site] 00121
5 BIO_free_all [call site] 00122
5 BIO_ctrl [call site] 00123
5 BIO_free_all [call site] 00124
5 BIO_free_all [call site] 00125
4 fprintf [call site] 00126
4 base64__encode [function] [call site] 00127
4 fprintf [call site] 00128
4 fprintf [call site] 00129
4 fprintf [call site] 00130
3 fclose [call site] 00131
3 mosquitto__fopen [function] [call site] 00132
3 __errno_location [call site] 00133
3 strlen [call site] 00134
3 fprintf [call site] 00135
3 snprintf [call site] 00136
3 create_backup [function] [call site] 00137
4 umask [call site] 00138
4 mkstemp [call site] 00139
4 fprintf [call site] 00140
4 fdopen [call site] 00141
4 fprintf [call site] 00142
4 copy_contents [function] [call site] 00143
5 rewind [call site] 00144
5 rewind [call site] 00145
5 fileno [call site] 00146
5 feof [call site] 00147
5 fread [call site] 00148
5 fwrite [call site] 00149
5 feof [call site] 00150
4 fprintf [call site] 00151
4 fclose [call site] 00152
4 fclose [call site] 00153
4 rewind [call site] 00154
3 fclose [call site] 00155
3 mpw_tmpfile [function] [call site] 00156
4 RAND_bytes [call site] 00157
3 __errno_location [call site] 00158
3 fclose [call site] 00159
3 delete_pwuser [function] [call site] 00160
4 pwfile_iterate [function] [call site] 00161
5 fprintf [call site] 00162
5 fprintf [call site] 00163
5 feof [call site] 00164
5 fgets_extending [function] [call site] 00165
6 fgets [call site] 00166
6 feof [call site] 00167
6 strlen [call site] 00168
6 realloc [call site] 00169
5 fprintf [call site] 00170
5 strtok [call site] 00171
5 strtok [call site] 00172
5 fprintf [call site] 00173
5 misc__trimblanks [function] [call site] 00174
6 __ctype_b_loc [call site] 00175
6 strlen [call site] 00176
6 __ctype_b_loc [call site] 00177
5 misc__trimblanks [function] [call site] 00178
5 strlen [call site] 00179
5 fprintf [call site] 00180
4 fprintf [call site] 00181
3 update_file [function] [call site] 00182
4 pwfile_iterate [function] [call site] 00183
3 update_pwuser [function] [call site] 00184
4 pwfile_iterate [function] [call site] 00185
4 printf [call site] 00186
4 printf [call site] 00187
4 output_new_password [function] [call site] 00188
3 get_password [function] [call site] 00189
3 fclose [call site] 00190
3 fclose [call site] 00191
3 unlink [call site] 00192
3 update_pwuser [function] [call site] 00193
3 fclose [call site] 00194
3 fclose [call site] 00195
3 unlink [call site] 00196
3 copy_contents [function] [call site] 00197
3 fclose [call site] 00198
3 fclose [call site] 00199
3 fprintf [call site] 00200
3 fprintf [call site] 00201
3 fclose [call site] 00202
3 fclose [call site] 00203
3 unlink [call site] 00204
1 unlink [call site] 00205