Fuzz introspector: snmp_pdu_parse_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
9 9 1 :

['sprintf_stamp']

11 11 log_handler_stdouterr call site: 00104 /src/net-snmp/snmplib/snmp_logging.c:1098
0 13 1 :

['_asn_size_err']

0 13 asn_parse_int call site: 00064 /src/net-snmp/snmplib/asn1.c:581
0 13 1 :

['_asn_size_err']

0 13 asn_parse_unsigned_int call site: 00078 /src/net-snmp/snmplib/asn1.c:670
0 13 1 :

['_asn_type_err']

0 13 asn_parse_bitstring call site: 00209 /src/net-snmp/snmplib/asn1.c:1848
0 13 1 :

['_asn_short_err']

0 13 asn_parse_bitstring call site: 00211 /src/net-snmp/snmplib/asn1.c:1854
0 13 1 :

['_asn_length_err']

0 13 asn_parse_bitstring call site: 00212 /src/net-snmp/snmplib/asn1.c:1859
0 13 1 :

['_asn_size_err']

0 13 asn_parse_unsigned_int64 call site: 00135 /src/net-snmp/snmplib/asn1.c:1969
0 13 1 :

['_asn_short_err']

0 13 asn_parse_unsigned_int64 call site: 00144 /src/net-snmp/snmplib/asn1.c:2025
0 13 1 :

['_asn_size_err']

0 13 asn_parse_signed_int64 call site: 00183 /src/net-snmp/snmplib/asn1.c:2240
0 13 1 :

['_asn_short_err']

0 13 asn_parse_signed_int64 call site: 00191 /src/net-snmp/snmplib/asn1.c:2282
0 13 1 :

['_asn_short_err']

0 13 asn_parse_float call site: 00162 /src/net-snmp/snmplib/asn1.c:2496
0 13 1 :

['_asn_short_err']

0 13 asn_parse_double call site: 00176 /src/net-snmp/snmplib/asn1.c:2686

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 calloc [call site] 00001
1 snmp_pdu_parse [function] [call site] 00002
2 asn_parse_header [function] [call site] 00003
3 snmp_set_detail [function] [call site] 00004
4 strlcpy [function] [call site] 00005
5 strlen [call site] 00006
3 _asn_short_err [function] [call site] 00007
4 snprintf [call site] 00008
4 snmp_set_detail [function] [call site] 00009
3 snmp_set_detail [function] [call site] 00010
3 asn_parse_nlength [function] [call site] 00011
4 asn_parse_length [function] [call site] 00012
5 snmp_set_detail [function] [call site] 00013
5 snprintf [call site] 00014
5 snmp_set_detail [function] [call site] 00015
5 snprintf [call site] 00016
5 snmp_set_detail [function] [call site] 00017
5 snprintf [call site] 00018
5 snmp_set_detail [function] [call site] 00019
3 _asn_short_err [function] [call site] 00020
3 asn_parse_nlength [function] [call site] 00021
3 _asn_short_err [function] [call site] 00022
2 snmp_get_do_debugging [function] [call site] 00023
2 snmp_pdu_type [function] [call site] 00024
3 snprintf [call site] 00025
2 asn_parse_objid [function] [call site] 00026
3 snmp_set_detail [function] [call site] 00027
3 _asn_short_err [function] [call site] 00028
3 _asn_type_err [function] [call site] 00029
4 snprintf [call site] 00030
4 snmp_set_detail [function] [call site] 00031
3 asn_parse_nlength [function] [call site] 00032
3 _asn_short_err [function] [call site] 00033
3 snmp_get_do_debugging [function] [call site] 00034
3 snmp_set_detail [function] [call site] 00035
3 snmp_set_detail [function] [call site] 00036
3 snmp_set_detail [function] [call site] 00037
3 snmp_get_do_debugging [function] [call site] 00038
3 snmp_get_do_debugging [function] [call site] 00039
3 snmp_get_do_debugging [function] [call site] 00040
2 netsnmp_memdup [function] [call site] 00041
2 asn_parse_string [function] [call site] 00042
3 snmp_set_detail [function] [call site] 00043
3 _asn_short_err [function] [call site] 00044
3 _asn_type_err [function] [call site] 00045
3 asn_parse_nlength [function] [call site] 00046
3 _asn_short_err [function] [call site] 00047
3 _asn_length_err [function] [call site] 00048
4 snprintf [call site] 00049
4 snmp_set_detail [function] [call site] 00050
3 snmp_get_do_debugging [function] [call site] 00051
3 snmp_get_do_debugging [function] [call site] 00052
3 sprint_realloc_asciistring [function] [call site] 00053
4 __ctype_b_loc [call site] 00054
4 snmp_realloc [function] [call site] 00055
5 realloc [call site] 00056
4 snmp_realloc [function] [call site] 00057
4 snmp_realloc [function] [call site] 00058
4 snmp_realloc [function] [call site] 00059
3 snmp_get_do_debugging [function] [call site] 00060
3 snmp_get_do_debugging [function] [call site] 00061
3 snmp_get_do_debugging [function] [call site] 00062
2 asn_parse_int [function] [call site] 00063
3 snmp_set_detail [function] [call site] 00064
3 _asn_size_err [function] [call site] 00065
4 snprintf [call site] 00066
4 snmp_set_detail [function] [call site] 00067
3 _asn_short_err [function] [call site] 00068
3 _asn_type_err [function] [call site] 00069
3 asn_parse_nlength [function] [call site] 00070
3 _asn_short_err [function] [call site] 00071
3 _asn_length_err [function] [call site] 00072
3 snmp_get_do_debugging [function] [call site] 00073
3 snmp_get_do_debugging [function] [call site] 00074
3 snmp_get_do_debugging [function] [call site] 00075
2 asn_parse_int [function] [call site] 00076
2 asn_parse_unsigned_int [function] [call site] 00077
3 snmp_set_detail [function] [call site] 00078
3 _asn_size_err [function] [call site] 00079
3 _asn_short_err [function] [call site] 00080
3 _asn_type_err [function] [call site] 00081
3 asn_parse_nlength [function] [call site] 00082
3 _asn_short_err [function] [call site] 00083
3 _asn_length_err [function] [call site] 00084
3 snmp_get_do_debugging [function] [call site] 00085
3 snmp_get_do_debugging [function] [call site] 00086
3 snmp_get_do_debugging [function] [call site] 00087
2 snmp_get_do_debugging [function] [call site] 00088
2 asn_parse_int [function] [call site] 00089
2 snmp_get_do_debugging [function] [call site] 00090
2 snmp_get_do_debugging [function] [call site] 00091
2 asn_parse_int [function] [call site] 00092
2 snmp_get_do_debugging [function] [call site] 00093
2 snmp_get_do_debugging [function] [call site] 00094
2 asn_parse_int [function] [call site] 00095
2 snmp_get_do_debugging [function] [call site] 00096
2 snmp_log [function] [call site] 00097
3 snmp_vlog [function] [call site] 00098
4 vasprintf [call site] 00099
4 snmp_log_string [function] [call site] 00100
5 netsnmp_set_line_buffering [function] [call site] 00101
6 setvbuf [call site] 00102
5 log_handler_stdouterr [function] [call site] 00103
6 netsnmp_ds_get_boolean [function] [call site] 00104
6 sprintf_stamp [function] [call site] 00105
7 time [call site] 00106
7 localtime [call site] 00107
7 sprintf [call site] 00108
6 strcpy [call site] 00109
6 strrchr [call site] 00110
6 printf [call site] 00111
6 fprintf [call site] 00112
5 log_handler_stdouterr [function] [call site] 00113
4 snmp_log_string [function] [call site] 00114
2 snmp_increment_statistic [function] [call site] 00115
2 snmp_get_do_debugging [function] [call site] 00116
2 asn_parse_sequence [function] [call site] 00117
3 asn_parse_header [function] [call site] 00118
3 snprintf [call site] 00119
3 snmp_set_detail [function] [call site] 00120
2 calloc [call site] 00121
2 snmp_get_do_debugging [function] [call site] 00122
2 snmp_parse_var_op [function] [call site] 00123
3 asn_parse_sequence [function] [call site] 00124
3 snmp_get_do_debugging [function] [call site] 00125
3 asn_parse_objid [function] [call site] 00126
3 snmp_get_do_debugging [function] [call site] 00127
3 snmp_set_detail [function] [call site] 00128
3 asn_parse_header [function] [call site] 00129
3 snmp_set_detail [function] [call site] 00130
2 snmp_set_var_objid [function] [call site] 00131
2 snmp_get_do_debugging [function] [call site] 00132
2 asn_parse_int [function] [call site] 00133
2 asn_parse_unsigned_int [function] [call site] 00134
2 asn_parse_unsigned_int64 [function] [call site] 00135
3 _asn_size_err [function] [call site] 00136
3 snmp_set_detail [function] [call site] 00137
3 _asn_short_err [function] [call site] 00138
3 _asn_type_err [function] [call site] 00139
3 asn_parse_nlength [function] [call site] 00140
3 _asn_short_err [function] [call site] 00141
3 snmp_get_do_debugging [function] [call site] 00142
3 _asn_short_err [function] [call site] 00143
3 asn_parse_nlength [function] [call site] 00144
3 _asn_short_err [function] [call site] 00145
3 _asn_length_err [function] [call site] 00146
3 snmp_get_do_debugging [function] [call site] 00147
3 snmp_get_do_debugging [function] [call site] 00148
3 snmp_get_do_debugging [function] [call site] 00149
3 printU64 [function] [call site] 00150
4 isZeroU64 [function] [call site] 00152
4 strcpy [call site] 00153
3 snmp_get_do_debugging [function] [call site] 00154
2 asn_parse_float [function] [call site] 00155
3 _asn_size_err [function] [call site] 00156
3 snmp_set_detail [function] [call site] 00157
3 _asn_short_err [function] [call site] 00158
3 asn_parse_nlength [function] [call site] 00159
3 _asn_short_err [function] [call site] 00160
3 snmp_get_do_debugging [function] [call site] 00161
3 asn_parse_nlength [function] [call site] 00162
3 _asn_short_err [function] [call site] 00163
3 _asn_type_err [function] [call site] 00164
3 _asn_size_err [function] [call site] 00165
3 ntohl [call site] 00166
3 snmp_get_do_debugging [function] [call site] 00167
2 asn_parse_double [function] [call site] 00168
3 _asn_size_err [function] [call site] 00169
3 snmp_set_detail [function] [call site] 00170
3 _asn_short_err [function] [call site] 00171
3 asn_parse_nlength [function] [call site] 00172
3 _asn_short_err [function] [call site] 00173
3 snmp_get_do_debugging [function] [call site] 00174
3 _asn_short_err [function] [call site] 00175
3 asn_parse_nlength [function] [call site] 00176
3 _asn_short_err [function] [call site] 00177
3 _asn_type_err [function] [call site] 00178
3 _asn_size_err [function] [call site] 00179
3 ntohl [call site] 00180
3 ntohl [call site] 00181
3 snmp_get_do_debugging [function] [call site] 00182
2 asn_parse_signed_int64 [function] [call site] 00183
3 _asn_size_err [function] [call site] 00184
3 snmp_set_detail [function] [call site] 00185
3 _asn_short_err [function] [call site] 00186
3 asn_parse_nlength [function] [call site] 00187
3 _asn_short_err [function] [call site] 00188
3 _asn_short_err [function] [call site] 00189
3 snmp_get_do_debugging [function] [call site] 00190
3 asn_parse_nlength [function] [call site] 00191
3 _asn_short_err [function] [call site] 00192
3 snprintf [call site] 00193
3 snmp_set_detail [function] [call site] 00194
3 _asn_length_err [function] [call site] 00195
3 snmp_get_do_debugging [function] [call site] 00196
3 snmp_get_do_debugging [function] [call site] 00197
3 snmp_get_do_debugging [function] [call site] 00198
3 snmp_get_do_debugging [function] [call site] 00203
2 asn_parse_string [function] [call site] 00204
2 asn_parse_objid [function] [call site] 00205
2 netsnmp_memdup [function] [call site] 00206
2 asn_parse_bitstring [function] [call site] 00207
3 snmp_set_detail [function] [call site] 00208
3 _asn_short_err [function] [call site] 00209
3 _asn_type_err [function] [call site] 00210
3 asn_parse_nlength [function] [call site] 00211
3 _asn_short_err [function] [call site] 00212
3 _asn_length_err [function] [call site] 00213
3 _asn_bitstring_check [function] [call site] 00214
4 snprintf [call site] 00215
4 snmp_set_detail [function] [call site] 00216
3 snmp_get_do_debugging [function] [call site] 00217
3 snmp_get_do_debugging [function] [call site] 00218
3 snmp_get_do_debugging [function] [call site] 00219
3 snmp_get_do_debugging [function] [call site] 00220
2 snmp_get_do_debugging [function] [call site] 00222
2 snmp_api_errstring [function] [call site] 00223
3 snprintf [call site] 00224
3 snprintf [call site] 00225
2 snmp_get_do_debugging [function] [call site] 00227
2 snmp_free_var [function] [call site] 00228
3 snmp_free_var_internals [function] [call site] 00229
1 snmp_free_pdu [function] [call site] 00230
2 free_securityStateRef [function] [call site] 00231
3 find_sec_mod [function] [call site] 00232
2 find_sec_mod [function] [call site] 00235
2 snmp_free_varbind [function] [call site] 00236
3 snmp_free_var [function] [call site] 00237