Fuzz introspector
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues
Report generation date: 2023-06-07

Project overview: net-snmp

High level conclusions

Reachability and coverage overview

Functions statically reachable by fuzzers: 74.0% (1589 / 2149)
Cyclomatic complexity statically reachable by fuzzers: 83.0% (15796 / 19000)
Runtime code coverage of functions: 37.0% (794 / 2149)

Fuzzers overview

| Fuzzer | Fuzzer filename | Functions Reached | Functions unreached | Fuzzer depth | Files reached | Basic blocks reached | Cyclomatic complexity | Details |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| snmp_config_fuzzer | testing/fuzzing/snmp_config_fuzzer.c | 204 | 1596 | 38 | 12 | 5179 | 1965 | snmp_config_fuzzer.c |
| snmp_parse_oid_fuzzer | testing/fuzzing/snmp_parse_oid_fuzzer.c | 184 | 1617 | 38 | 12 | 5160 | 1946 | snmp_parse_oid_fuzzer.c |
| snmp_mib_fuzzer | testing/fuzzing/snmp_mib_fuzzer.c | 165 | 1636 | 36 | 11 | 4362 | 1666 | snmp_mib_fuzzer.c |
| snmp_parse_fuzzer | testing/fuzzing/snmp_parse_fuzzer.c | 210 | 1590 | 17 | 18 | 7529 | 2569 | snmp_parse_fuzzer.c |
| read_objid_fuzzer | testing/fuzzing/read_objid_fuzzer.c | 175 | 1625 | 38 | 12 | 5035 | 1891 | read_objid_fuzzer.c |
| snmp_transport_fuzzer | testing/fuzzing/snmp_transport_fuzzer.c | 607 | 1200 | 16 | 43 | 11103 | 4236 | snmp_transport_fuzzer.c |
| snmp_pdu_parse_fuzzer | testing/fuzzing/snmp_pdu_parse_fuzzer.c | 115 | 1684 | 7 | 13 | 2948 | 1132 | snmp_pdu_parse_fuzzer.c |
| parse_octet_hint_fuzzer | testing/fuzzing/parse_octet_hint_fuzzer.c | 13 | 1788 | 4 | 2 | 150 | 63 | parse_octet_hint_fuzzer.c |
| snmp_print_var_fuzzer | testing/fuzzing/snmp_print_var_fuzzer.c | 185 | 1622 | 38 | 13 | 5193 | 1949 | snmp_print_var_fuzzer.c |
| snmp_config_mem_fuzzer | testing/fuzzing/snmp_config_mem_fuzzer.c | 191 | 1608 | 41 | 13 | 5295 | 1992 | snmp_config_mem_fuzzer.c |
| snmp_e2e_fuzzer | testing/fuzzing/snmp_e2e_fuzzer.c | 1207 | 602 | 37 | 66 | 28798 | 10207 | snmp_e2e_fuzzer.c |
| snmp_scoped_pdu_parse_fuzzer | testing/fuzzing/snmp_scoped_pdu_parse_fuzzer.c | 55 | 1744 | 8 | 10 | 604 | 274 | snmp_scoped_pdu_parse_fuzzer.c |
| agentx_parse_fuzzer | testing/fuzzing/agentx_parse_fuzzer.c | 122 | 1701 | 10 | 11 | 4938 | 1615 | agentx_parse_fuzzer.c |
| snmp_api_fuzzer | testing/fuzzing/snmp_api_fuzzer.c | 349 | 1483 | 39 | 23 | 12638 | 4336 | snmp_api_fuzzer.c |
| snmp_agent_e2e_fuzzer | testing/fuzzing/snmp_agent_e2e_fuzzer.c | 1845 | 596 | 41 | 101 | 47462 | 16306 | snmp_agent_e2e_fuzzer.c |

Fuzzer details

Fuzzer: snmp_config_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1200 93.0%
gold [1:9] 8 0.62%
yellow [10:29] 3 0.23%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 78 6.05%
All colors 1289 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1746 | 1746 | 2: ['netsnmp_read_module', 'new_module'] | 1748 | 1748 | read_mib | call site: 00071 | /src/net-snmp/snmplib/parse.c:5040 |
| 1292 | 2412 | 7: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'stat', 'read_config', 'strncmp'] | 1292 | 2412 | read_config_files_in_path | call site: 00000 | /src/net-snmp/snmplib/read_config.c:1324 |
| 264 | 266 | 5: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', '__errno_location', 'strerror'] | 264 | 266 | read_config | call site: 00000 | /src/net-snmp/snmplib/read_config.c:770 |
| 9 | 9 | 1: ['sprintf_stamp'] | 11 | 11 | log_handler_stdouterr | call site: 00054 | /src/net-snmp/snmplib/snmp_logging.c:1098 |
| 2 | 128 | 3: ['strchr', 'internal_register_config_handler', 'strlcpy'] | 2 | 128 | internal_register_config_handler | call site: 00005 | /src/net-snmp/snmplib/read_config.c:164 |
| 2 | 2 | 1: ['__errno_location'] | 2 | 50 | snmp_log_perror | call site: 00046 | /src/net-snmp/snmplib/snmp_logging.c:1412 |
| 2 | 2 | 1: ['strlen'] | 2 | 2 | strlcat | call site: 00768 | /src/net-snmp/snmplib/strlcat.c:53 |
| 0 | 5 | 1: ['netsnmp_ds_get_string'] | 530 | 665 | internal_register_config_handler | call site: 00003 | /src/net-snmp/snmplib/read_config.c:156 |
| 0 | 0 | None | 1292 | 2412 | read_config_files_in_path | call site: 00000 | /src/net-snmp/snmplib/read_config.c:1267 |
| 0 | 0 | None | 1292 | 2412 | read_config_files_in_path | call site: 00000 | /src/net-snmp/snmplib/read_config.c:1296 |
| 0 | 0 | None | 1292 | 2412 | read_config_files_in_path | call site: 00000 | /src/net-snmp/snmplib/read_config.c:1316 |
| 0 | 0 | None | 1292 | 2412 | read_config_files_in_path | call site: 00000 | /src/net-snmp/snmplib/read_config.c:1321 |

Runtime coverage analysis

Covered functions: 41
Functions that are reachable but not covered: 164
Reachable functions: 204
Percentage of reachable functions covered: 19.61%
NB: The sum of covered functions and functions that are reachable but not covered need not equal Reachable functions. This is because the reachability analysis is an approximation, so at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Files reached

filename functions hit
testing/fuzzing/snmp_config_fuzzer.c 1
snmplib/mib.c 39
snmplib/read_config.c 10
snmplib/default_store.c 9
snmplib/strlcpy.c 1
snmplib/snmp_debug.c 1
snmplib/parse.c 61
snmplib/snmp_logging.c 7
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 5
snmplib/strlcat.c 1

Fuzzer: snmp_parse_oid_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1163 91.4%
gold [1:9] 50 3.93%
yellow [10:29] 4 0.31%
greenyellow [30:49] 1 0.07%
lawngreen 50+ 54 4.24%
All colors 1272 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 260 | 262 | 5: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] | 260 | 343 | netsnmp_set_mib_directory | call site: 01151 | /src/net-snmp/snmplib/mib.c:2529 |
| 2 | 2 | 1: ['strcmp'] | 2 | 2 | find_tree_node | call site: 00066 | /src/net-snmp/snmplib/parse.c:1251 |
| 0 | 1865 | 1: ['get_node'] | 0 | 1865 | read_objid | call site: 01259 | /src/net-snmp/snmplib/mib.c:3003 |
| 0 | 48 | 1: ['snmp_log'] | 0 | 1704 | read_module_replacements | call site: 01138 | /src/net-snmp/snmplib/parse.c:3838 |
| 0 | 0 | None | 768 | 1076 | netsnmp_get_mib_directory | call site: 01147 | /src/net-snmp/snmplib/mib.c:2586 |
| 0 | 0 | None | 256 | 402 | print_error | call site: 00453 | /src/net-snmp/snmplib/parse.c:780 |
| 0 | 0 | None | 95 | 206 | _add_strings_to_oid | call site: 01188 | /src/net-snmp/snmplib/mib.c:5345 |
| 0 | 0 | 1: ['free'] | 2 | 2 | netsnmp_ds_set_string | call site: 01157 | /src/net-snmp/snmplib/default_store.c:295 |
| 0 | 0 | None | 2 | 2 | name_hash | call site: 00016 | /src/net-snmp/snmplib/parse.c:690 |
| 0 | 0 | None | 0 | 1902 | snmp_parse_oid | call site: 01247 | /src/net-snmp/snmplib/mib.c:6073 |
| 0 | 0 | None | 0 | 1849 | get_node | call site: 01244 | /src/net-snmp/snmplib/mib.c:5727 |
| 0 | 0 | None | 0 | 50 | find_best_tree_node | call site: 01253 | /src/net-snmp/snmplib/parse.c:1361 |

Runtime coverage analysis

Covered functions: 40
Functions that are reachable but not covered: 145
Reachable functions: 184
Percentage of reachable functions covered: 21.2%

Files reached

filename functions hit
testing/fuzzing/snmp_parse_oid_fuzzer.c 1
snmplib/mib.c 50
snmplib/default_store.c 4
snmplib/snmp_debug.c 1
snmplib/parse.c 62
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 5
snmplib/snmp_logging.c 7
snmplib/strlcpy.c 1
snmplib/strlcat.c 1
snmplib/snmp_api.c 1

Fuzzer: snmp_mib_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 473 40.1%
gold [1:9] 81 6.87%
yellow [10:29] 27 2.29%
greenyellow [30:49] 9 0.76%
lawngreen 50+ 589 49.9%
All colors 1179 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 260 | 262 | 5: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] | 260 | 343 | netsnmp_set_mib_directory | call site: 01152 | /src/net-snmp/snmplib/mib.c:2529 |
| 258 | 313 | 7: ['free', 'netsnmp_ds_get_int', 'debugmsgtoken', 'strdup', 'snmp_get_do_debugging', 'snmp_log', 'debugmsg'] | 258 | 313 | new_module | call site: 00085 | /src/net-snmp/snmplib/parse.c:4253 |
| 72 | 72 | 1: ['dump_module_list'] | 844 | 2883 | do_linkup | call site: 00510 | /src/net-snmp/snmplib/parse.c:1723 |
| 61 | 61 | 2: ['__errno_location', 'snmp_log_perror'] | 61 | 61 | read_module_internal | call site: 00495 | /src/net-snmp/snmplib/parse.c:3920 |
| 57 | 57 | 1: ['snmp_log_perror'] | 57 | 57 | read_mib | call site: 00006 | /src/net-snmp/snmplib/parse.c:5033 |
| 9 | 9 | 1: ['sprintf_stamp'] | 11 | 11 | log_handler_stdouterr | call site: 00016 | /src/net-snmp/snmplib/snmp_logging.c:1098 |
| 2 | 2 | 1: ['strdup'] | 2 | 1611 | parse_moduleIdentity | call site: 01063 | /src/net-snmp/snmplib/parse.c:3550 |
| 2 | 2 | 1: ['strlen'] | 2 | 2 | strlcat | call site: 00734 | /src/net-snmp/snmplib/strlcat.c:53 |
| 0 | 2240 | 4: ['read_module_internal', 'eat_syntax', 'find_tree_node', 'which_module'] | 0 | 7087 | parse_capabilities | call site: 00991 | /src/net-snmp/snmplib/parse.c:3344 |
| 0 | 52 | 1: ['free_node'] | 0 | 52 | parse_trapDefinition | call site: 00861 | /src/net-snmp/snmplib/parse.c:3017 |
| 0 | 48 | 1: ['snmp_log'] | 0 | 1778 | read_import_replacements | call site: 00000 | /src/net-snmp/snmplib/parse.c:3874 |
| 0 | 48 | 1: ['snmp_log'] | 0 | 1704 | read_module_replacements | call site: 01139 | /src/net-snmp/snmplib/parse.c:3838 |

Runtime coverage analysis

Covered functions: 79
Functions that are reachable but not covered: 87
Reachable functions: 165
Percentage of reachable functions covered: 47.27%

Files reached

filename functions hit
testing/fuzzing/snmp_mib_fuzzer.c 1
snmplib/parse.c 61
snmplib/snmp_logging.c 7
snmplib/default_store.c 4
snmplib/snmp_debug.c 1
snmplib/mib.c 34
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 5
snmplib/strlcpy.c 1
snmplib/strlcat.c 1

Fuzzer: snmp_parse_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 713 74.1%
gold [1:9] 14 1.45%
yellow [10:29] 20 2.07%
greenyellow [30:49] 8 0.83%
lawngreen 50+ 207 21.5%
All colors 962 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 204 | 204 | 1: ['snmp_parse_version'] | 5678 | 8690 | _snmp_parse | call site: 00337 | /src/net-snmp/snmplib/snmp_api.c:4294 |
| 19 | 163 | 3: ['se_find_label_in_slist', 'snmp_log', 'strcmp'] | 19 | 163 | register_sec_mod | call site: 00000 | /src/net-snmp/snmplib/snmp_secmod.c:92 |
| 9 | 9 | 1: ['sprintf_stamp'] | 11 | 11 | log_handler_stdouterr | call site: 00068 | /src/net-snmp/snmplib/snmp_logging.c:1098 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_int | call site: 00031 | /src/net-snmp/snmplib/asn1.c:581 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_unsigned_int | call site: 00179 | /src/net-snmp/snmplib/asn1.c:670 |
| 0 | 13 | 1: ['_asn_type_err'] | 0 | 13 | asn_parse_bitstring | call site: 00290 | /src/net-snmp/snmplib/asn1.c:1848 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_bitstring | call site: 00292 | /src/net-snmp/snmplib/asn1.c:1854 |
| 0 | 13 | 1: ['_asn_length_err'] | 0 | 13 | asn_parse_bitstring | call site: 00293 | /src/net-snmp/snmplib/asn1.c:1859 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_unsigned_int64 | call site: 00216 | /src/net-snmp/snmplib/asn1.c:1969 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_unsigned_int64 | call site: 00225 | /src/net-snmp/snmplib/asn1.c:2025 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_signed_int64 | call site: 00264 | /src/net-snmp/snmplib/asn1.c:2240 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_signed_int64 | call site: 00272 | /src/net-snmp/snmplib/asn1.c:2282 |

Runtime coverage analysis

Covered functions: 51
Functions that are reachable but not covered: 163
Reachable functions: 210
Percentage of reachable functions covered: 22.38%

Files reached

filename functions hit
testing/fuzzing/snmp_parse_fuzzer.c 1
snmplib/snmp_api.c 38
snmplib/snmp_debug.c 4
snmplib/asn1.c 50
snmplib/strlcpy.c 1
snmplib/snmp_logging.c 6
snmplib/default_store.c 3
snmplib/mib.c 1
snmplib/tools.c 3
snmplib/snmp_secmod.c 1
snmplib/snmp.c 4
snmplib/snmp_client.c 10
snmplib/int64.c 5
snmplib/snmp_auth.c 1
snmplib/callback.c 4
snmplib/snmpv3.c 2
snmplib/snmp_enum.c 3
snmplib/snmp_transport.c 2

Fuzzer: read_objid_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1156 92.7%
gold [1:9] 50 4.01%
yellow [10:29] 2 0.16%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 38 3.04%
All colors 1246 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 260 | 262 | 5: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] | 260 | 343 | netsnmp_set_mib_directory | call site: 01143 | /src/net-snmp/snmplib/mib.c:2529 |
| 2 | 2 | 1: ['strcmp'] | 2 | 2 | find_tree_node | call site: 00059 | /src/net-snmp/snmplib/parse.c:1251 |
| 0 | 48 | 1: ['snmp_log'] | 0 | 1704 | read_module_replacements | call site: 01130 | /src/net-snmp/snmplib/parse.c:3838 |
| 0 | 0 | None | 768 | 1076 | netsnmp_get_mib_directory | call site: 01139 | /src/net-snmp/snmplib/mib.c:2586 |
| 0 | 0 | None | 256 | 402 | print_error | call site: 00446 | /src/net-snmp/snmplib/parse.c:780 |
| 0 | 0 | None | 95 | 206 | _add_strings_to_oid | call site: 01180 | /src/net-snmp/snmplib/mib.c:5345 |
| 0 | 0 | 1: ['free'] | 2 | 2 | netsnmp_ds_set_string | call site: 01149 | /src/net-snmp/snmplib/default_store.c:295 |
| 0 | 0 | None | 2 | 2 | name_hash | call site: 00009 | /src/net-snmp/snmplib/parse.c:690 |
| 0 | 0 | None | 0 | 3698 | get_node | call site: 00003 | /src/net-snmp/snmplib/mib.c:5715 |
| 0 | 0 | None | 0 | 1849 | get_node | call site: 01236 | /src/net-snmp/snmplib/mib.c:5727 |
| 0 | 0 | None | 0 | 41 | snmp_vlog | call site: 00290 | /src/net-snmp/snmplib/snmp_logging.c:1376 |
| 0 | 0 | None | 0 | 28 | snmp_log_string | call site: 00291 | /src/net-snmp/snmplib/snmp_logging.c:1297 |

Runtime coverage analysis

Covered functions: 34
Functions that are reachable but not covered: 142
Reachable functions: 175
Percentage of reachable functions covered: 18.86%

Files reached

filename functions hit
testing/fuzzing/read_objid_fuzzer.c 1
snmplib/mib.c 46
snmplib/parse.c 60
snmplib/snmp_debug.c 1
snmplib/default_store.c 4
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 5
snmplib/snmp_logging.c 7
snmplib/strlcpy.c 1
snmplib/strlcat.c 1
snmplib/snmp_api.c 1

Fuzzer: snmp_transport_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1974 87.5%
gold [1:9] 48 2.12%
yellow [10:29] 25 1.10%
greenyellow [30:49] 5 0.22%
lawngreen 50+ 204 9.04%
All colors 2256 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 514 | 518 | 4: ['snmp_get_do_debugging', 'freeaddrinfo', 'debugmsgtoken', 'debugmsg'] | 514 | 518 | netsnmp_resolve_v6_hostname | call site: 01490 | /src/net-snmp/snmplib/transports/snmpIPv6BaseDomain.c:200 |
| 256 | 258 | 3: ['snmp_get_do_debugging', 'debugmsgtoken', 'debugmsg'] | 256 | 258 | netsnmp_gethostbyname_v4 | call site: 01149 | /src/net-snmp/snmplib/system.c:790 |
| 96 | 96 | 1: ['snmp_log'] | 96 | 96 | _callback_lock | call site: 00170 | /src/net-snmp/snmplib/callback.c:138 |
| 87 | 87 | 4: ['ntohs', 'netsnmp_gethostbyaddr', 'netsnmp_if_indextoname', 'inet_ntop'] | 89 | 89 | netsnmp_ipv6_fmtaddr | call site: 01504 | /src/net-snmp/snmplib/transports/snmpIPv6BaseDomain.c:137 |
| 60 | 60 | 2: ['CONTAINER_FREE', 'CONTAINER_CLEAR'] | 60 | 60 | netsnmp_transport_filter_cleanup | call site: 02252 | /src/net-snmp/snmplib/snmp_transport.c:367 |
| 9 | 9 | 1: ['sprintf_stamp'] | 11 | 11 | log_handler_stdouterr | call site: 00050 | /src/net-snmp/snmplib/snmp_logging.c:1098 |
| 4 | 294 | 5: ['endnetgrent', 'getnetgrent', 'netsnmp_udp_resolve_source', 'netsnmp_udp_com2SecEntry_check_return_code', 'netsnmp_udp_com2SecEntry_create'] | 4 | 350 | netsnmp_parse_source_as_netgroup | call site: 02206 | /src/net-snmp/snmplib/transports/snmpUDPDomain.c:391 |
| 2 | 128 | 3: ['strchr', 'internal_register_config_handler', 'strlcpy'] | 2 | 128 | internal_register_config_handler | call site: 00014 | /src/net-snmp/snmplib/read_config.c:164 |
| 0 | 56 | 1: ['config_perror'] | 0 | 56 | create_com2Sec6Entry | call site: 02170 | /src/net-snmp/snmplib/transports/snmpUDPIPv6Domain.c:554 |
| 0 | 0 | None | 834 | 1049 | netsnmp_sockaddr_in6_3 | call site: 01478 | /src/net-snmp/snmplib/transports/snmpIPv6BaseDomain.c:273 |
| 0 | 0 | None | 595 | 609 | netsnmp_getaddrinfo | call site: 01150 | /src/net-snmp/snmplib/system.c:853 |
| 0 | 0 | None | 532 | 544 | netsnmp_getaddrinfo | call site: 01152 | /src/net-snmp/snmplib/system.c:858 |

Runtime coverage analysis

Covered functions: 71
Functions that are reachable but not covered: 537
Reachable functions: 607
Percentage of reachable functions covered: 11.53%

Files reached

filename functions hit
testing/fuzzing/snmp_transport_fuzzer.c 1
testing/fuzzing/ada_fuzz_header.h 4
snmplib/default_store.c 9
snmplib/snmp_debug.c 1
snmplib/snmp_transport.c 28
snmplib/read_config.c 22
snmplib/strlcpy.c 1
snmplib/snmp_logging.c 7
snmplib/container.c 14
snmplib/snmp_api.c 4
snmplib/transports/snmpTLSBaseDomain.c 20
snmplib/snmp_openssl.c 15
snmplib/callback.c 5
snmplib/cert_util.c 56
snmplib/tools.c 5
snmplib/system.c 5
snmplib/snmp_enum.c 7
snmplib/dir_utils.c 3
snmplib/file_utils.c 5
snmplib/data_list.c 5
snmplib/transports/snmpTLSTCPDomain.c 14
snmplib/transports/snmpIPv4BaseDomain.c 4
/usr/include/openssl/x509.h 2
/usr/include/openssl/x509v3.h 2
snmplib/transports/snmpSocketBaseDomain.c 6
snmplib/transports/snmpDTLSUDPDomain.c 25
snmplib/transports/snmpIPBaseDomain.c 3
snmplib/transports/snmpUDPDomain.c 13
snmplib/transports/snmpUDPIPv4BaseDomain.c 7
snmplib/sd-daemon.c 6
snmplib/transports/snmpUDPBaseDomain.c 1
snmplib/transports/snmpIPv6BaseDomain.c 9
snmplib/transports/snmpUDPIPv6Domain.c 16
snmplib/transports/snmpUDPsharedDomain.c 16
snmplib/transports/snmpSTDDomain.c 10
snmplib/transports/snmpIPXDomain.c 11
snmplib/transports/snmpAAL5PVCDomain.c 10
snmplib/transports/snmpTCPIPv6Domain.c 6
snmplib/transports/snmpTCPDomain.c 6
snmplib/transports/snmpAliasDomain.c 4
snmplib/strlcat.c 1
snmplib/snmp_service.c 2
snmplib/transports/snmpUnixDomain.c 11

Fuzzer: snmp_pdu_parse_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 67 28.1%
gold [1:9] 4 1.68%
yellow [10:29] 26 10.9%
greenyellow [30:49] 13 5.46%
lawngreen 50+ 128 53.7%
All colors 238 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 9 | 9 | 1: ['sprintf_stamp'] | 11 | 11 | log_handler_stdouterr | call site: 00104 | /src/net-snmp/snmplib/snmp_logging.c:1098 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_int | call site: 00064 | /src/net-snmp/snmplib/asn1.c:581 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_unsigned_int | call site: 00078 | /src/net-snmp/snmplib/asn1.c:670 |
| 0 | 13 | 1: ['_asn_type_err'] | 0 | 13 | asn_parse_bitstring | call site: 00209 | /src/net-snmp/snmplib/asn1.c:1848 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_bitstring | call site: 00211 | /src/net-snmp/snmplib/asn1.c:1854 |
| 0 | 13 | 1: ['_asn_length_err'] | 0 | 13 | asn_parse_bitstring | call site: 00212 | /src/net-snmp/snmplib/asn1.c:1859 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_unsigned_int64 | call site: 00135 | /src/net-snmp/snmplib/asn1.c:1969 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_unsigned_int64 | call site: 00144 | /src/net-snmp/snmplib/asn1.c:2025 |
| 0 | 13 | 1: ['_asn_size_err'] | 0 | 13 | asn_parse_signed_int64 | call site: 00183 | /src/net-snmp/snmplib/asn1.c:2240 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_signed_int64 | call site: 00191 | /src/net-snmp/snmplib/asn1.c:2282 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_float | call site: 00162 | /src/net-snmp/snmplib/asn1.c:2496 |
| 0 | 13 | 1: ['_asn_short_err'] | 0 | 13 | asn_parse_double | call site: 00176 | /src/net-snmp/snmplib/asn1.c:2686 |

Runtime coverage analysis

Covered functions: 41
Functions that are reachable but not covered: 75
Reachable functions: 115
Percentage of reachable functions covered: 34.78%

Files reached

filename functions hit
testing/fuzzing/snmp_pdu_parse_fuzzer.c 1
snmplib/snmp_api.c 10
snmplib/asn1.c 18
snmplib/strlcpy.c 1
snmplib/snmp_debug.c 1
snmplib/tools.c 2
snmplib/mib.c 1
snmplib/snmp_logging.c 6
snmplib/default_store.c 1
snmplib/snmp.c 1
snmplib/snmp_client.c 1
snmplib/int64.c 5
snmplib/snmp_secmod.c 1

Fuzzer: parse_octet_hint_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 24 75.0%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 7 21.8%
lawngreen 50+ 1 3.12%
All colors 32 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 0 | 0 | 1: ['free'] | 0 | 0 | parse_octet_hint | call site: 00031 | /src/net-snmp/snmplib/mib.c:6323 |

Runtime coverage analysis

Covered functions: 5
Functions that are reachable but not covered: 9
Reachable functions: 13
Percentage of reachable functions covered: 30.77%

Files reached

filename functions hit
testing/fuzzing/parse_octet_hint_fuzzer.c 1
snmplib/mib.c 6

Fuzzer: snmp_print_var_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1011 76.7%
gold [1:9] 85 6.45%
yellow [10:29] 39 2.96%
greenyellow [30:49] 26 1.97%
lawngreen 50+ 156 11.8%
All colors 1317 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1660 | 1660 | 3: ['strtok_r', 'free', 'read_mib'] | 2440 | 2450 | netsnmp_init_mib | call site: 00000 | /src/net-snmp/snmplib/mib.c:2790 |
| 260 | 262 | 5: ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] | 260 | 343 | netsnmp_set_mib_directory | call site: 01165 | /src/net-snmp/snmplib/mib.c:2530 |
| 197 | 197 | 3: ['free', 'strrchr', 'add_mibfile'] | 197 | 197 | add_mibdir | call site: 00000 | /src/net-snmp/snmplib/parse.c:5005 |
| 195 | 195 | 1: ['add_mibfile'] | 6504 | 9838 | netsnmp_init_mib | call site: 00000 | /src/net-snmp/snmplib/mib.c:2697 |
| 15 | 15 | 1: ['printI64'] | 15 | 96 | sprint_realloc_counter64 | call site: 00293 | /src/net-snmp/snmplib/mib.c:959 |
| 12 | 23 | 3: ['strlen', 'sprint_char', 'snmp_realloc'] | 12 | 23 | _sprint_hexstring_line | call site: 00137 | /src/net-snmp/snmplib/mib.c:328 |
| 2 | 829 | 3: ['memchr', 'snmp_realloc', 'sprint_realloc_octet_string'] | 2 | 1114 | sprint_realloc_octet_string | call site: 00061 | /src/net-snmp/snmplib/mib.c:475 |
| 2 | 2 | 1: ['strlen'] | 2 | 29 | sprint_realloc_hinted_integer | call site: 00329 | /src/net-snmp/snmplib/mib.c:1298 |
| 2 | 2 | 1: ['strcmp'] | 2 | 2 | find_tree_node | call site: 00080 | /src/net-snmp/snmplib/parse.c:1251 |
| 2 | 2 | 1: ['strlen'] | 2 | 2 | strlcat | call site: 00747 | /src/net-snmp/snmplib/strlcat.c:53 |
| 0 | 706 | 2: ['sprint_realloc_by_type', 'netsnmp_ds_get_boolean'] | 0 | 733 | sprint_realloc_null | call site: 00245 | /src/net-snmp/snmplib/mib.c:1772 |
| 0 | 701 | 1: ['sprint_realloc_by_type'] | 0 | 733 | sprint_realloc_octet_string | call site: 00058 | /src/net-snmp/snmplib/mib.c:462 |

Runtime coverage analysis

Covered functions: 82
Functions that are reachable but not covered: 109
Reachable functions: 185
Percentage of reachable functions covered: 41.08%

Files reached

filename functions hit
testing/fuzzing/snmp_print_var_fuzzer.c 1
testing/fuzzing/ada_fuzz_header.h 4
snmplib/default_store.c 5
snmplib/snmp_debug.c 1
snmplib/mib.c 51
snmplib/parse.c 60
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 5
snmplib/snmp_logging.c 7
snmplib/strlcpy.c 1
snmplib/strlcat.c 1
snmplib/snmp_api.c 1

Fuzzer: snmp_config_mem_fuzzer

Call tree

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1163 89.7%
gold [1:9] 51 3.93%
yellow [10:29] 5 0.38%
greenyellow [30:49] 6 0.46%
lawngreen 50+ 71 5.47%
All colors 1296 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
260 262 5 : ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] 260 343 netsnmp_set_mib_directory call site: 01178 /src/net-snmp/snmplib/mib.c:2529
9 9 1 : ['sprintf_stamp'] 11 11 log_handler_stdouterr call site: 00027 /src/net-snmp/snmplib/snmp_logging.c:1098
2 2 1 : ['strcmp'] 2 2 find_tree_node call site: 00110 /src/net-snmp/snmplib/parse.c:1251
0 48 1 : ['snmp_log'] 0 1704 read_module_replacements call site: 01165 /src/net-snmp/snmplib/parse.c:3838
0 0 None 768 1076 netsnmp_get_mib_directory call site: 01174 /src/net-snmp/snmplib/mib.c:2586
0 0 None 264 2684 read_config_read_memory call site: 00001 /src/net-snmp/snmplib/read_config.c:2244
0 0 1 : ['malloc'] 258 2265 read_config_read_objid_const call site: 00050 /src/net-snmp/snmplib/read_config.c:2123
0 0 None 258 269 copy_nword_const call site: 00003 /src/net-snmp/snmplib/read_config.c:1833
0 0 None 256 402 print_error call site: 00480 /src/net-snmp/snmplib/parse.c:780
0 0 None 95 206 _add_strings_to_oid call site: 01215 /src/net-snmp/snmplib/mib.c:5345
0 0 1 : ['malloc'] 2 103 read_config_read_octet_string_const call site: 00044 /src/net-snmp/snmplib/read_config.c:2063
0 0 1 : ['malloc'] 2 11 read_config_read_octet_string_const call site: 00038 /src/net-snmp/snmplib/read_config.c:2015

Runtime coverage analysis

Covered functions
50
Functions that are reachable but not covered
142
Reachable functions
191
Percentage of reachable functions covered
25.65%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/snmp_config_mem_fuzzer.c 1
snmplib/read_config.c 11
snmplib/snmp_debug.c 1
snmplib/snmp_logging.c 7
snmplib/default_store.c 4
snmplib/mib.c 46
snmplib/parse.c 60
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 3
snmplib/int64.c 9
snmplib/strlcpy.c 1
snmplib/strlcat.c 1
snmplib/snmp_api.c 1

Fuzzer: snmp_e2e_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 4957 82.7%
gold [1:9] 658 10.9%
yellow [10:29] 68 1.13%
greenyellow [30:49] 26 0.43%
lawngreen 50+ 283 4.72%
All colors 5992 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
4371 4371 1 : ['_sess_read_accept'] 4371 4371 _sess_read call site: 04653 /src/net-snmp/snmplib/snmp_api.c:6137
1660 1660 3 : ['strtok_r', 'free', 'read_mib'] 1672 2450 netsnmp_init_mib call site: 05792 /src/net-snmp/snmplib/mib.c:2790
1413 1413 6 : ['netsnmp_directory_container_read_some', '_certindex_new', '_add_certfile', '_cert_read_index', 'fclose', 'netsnmp_directory_container_free'] 1413 2581 _add_certdir call site: 00591 /src/net-snmp/snmplib/cert_util.c:1639
1079 2157 23 : ['free', 'run_config_handler', 'realloc', 'netsnmp_ds_get_boolean', 'strcmp', 'strncasecmp', 'strlen', 'closedir', 'fclose', 'strlcat', 'fgets', 'opendir', 'netsnmp_config_warn', 'read_config', 'read_config_files_of_type', 'read_config_get_handlers', 'netsnmp_config_error', 'skip_white', 'strlcpy', 'strrchr', 'strcasecmp', 'copy_nword', 'readdir'] 1079 3189 read_config call site: 02295 /src/net-snmp/snmplib/read_config.c:762
268 784 5 : ['debugmsgtoken', 'snmp_get_do_debugging', 'snmp_sess_close', 'snmpv3_engineID_probe', 'debugmsg'] 268 784 snmp_sess_add_ex call site: 04721 /src/net-snmp/snmplib/snmp_api.c:1857
204 204 1 : ['snmp_parse_version'] 3565 8690 _snmp_parse call site: 04762 /src/net-snmp/snmplib/snmp_api.c:4294
199 212 4 : ['generate_Ku', 'snmp_duplicate_objid', 'get_default_privtype', 'snmp_perror'] 205 486 netsnmp_parse_args call site: 05966 /src/net-snmp/snmplib/snmp_parse_args.c:593
197 197 3 : ['free', 'strrchr', 'add_mibfile'] 197 197 add_mibdir call site: 00000 /src/net-snmp/snmplib/parse.c:5005
195 195 1 : ['add_mibfile'] 5224 9838 netsnmp_init_mib call site: 05771 /src/net-snmp/snmplib/mib.c:2697
182 182 1 : ['snmp_sess_close'] 182 182 snmp_close call site: 04610 /src/net-snmp/snmplib/snmp_api.c:2056
182 182 1 : ['snmp_sess_close'] 182 182 _sess_copy call site: 04717 /src/net-snmp/snmplib/snmp_api.c:1299
118 118 1 : ['netsnmp_transport_free'] 118 118 snmp_sess_add_ex call site: 04676 /src/net-snmp/snmplib/snmp_api.c:1828

Runtime coverage analysis

Covered functions
311
Functions that are reachable but not covered
904
Reachable functions
1207
Percentage of reachable functions covered
25.1%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/snmp_e2e_fuzzer.c 4
snmplib/snmp_parse_args.c 3
snmplib/snmp_api.c 83
snmplib/parse.c 62
snmplib/snmp_debug.c 10
snmplib/mib.c 43
snmplib/default_store.c 11
snmplib/../include/net-snmp/library/tools.h 1
snmplib/tools.c 9
snmplib/int64.c 5
snmplib/snmp_logging.c 27
snmplib/snmp_transport.c 30
snmplib/transports/snmpTLSBaseDomain.c 20
snmplib/snmp_openssl.c 15
snmplib/read_config.c 45
snmplib/strlcpy.c 1
snmplib/callback.c 7
snmplib/cert_util.c 59
snmplib/system.c 7
snmplib/snmp_enum.c 14
snmplib/dir_utils.c 3
snmplib/container.c 22
snmplib/file_utils.c 5
snmplib/data_list.c 5
snmplib/transports/snmpTLSTCPDomain.c 14
snmplib/transports/snmpIPv4BaseDomain.c 4
/usr/include/openssl/x509.h 2
/usr/include/openssl/x509v3.h 2
snmplib/transports/snmpSocketBaseDomain.c 6
snmplib/transports/snmpDTLSUDPDomain.c 25
snmplib/transports/snmpIPBaseDomain.c 3
snmplib/transports/snmpUDPDomain.c 8
snmplib/transports/snmpUDPIPv4BaseDomain.c 7
snmplib/sd-daemon.c 6
snmplib/transports/snmpUDPBaseDomain.c 1
snmplib/transports/snmpIPv6BaseDomain.c 7
snmplib/transports/snmpUDPIPv6Domain.c 14
snmplib/transports/snmpUDPsharedDomain.c 16
snmplib/transports/snmpSTDDomain.c 10
snmplib/transports/snmpIPXDomain.c 11
snmplib/transports/snmpAAL5PVCDomain.c 10
snmplib/transports/snmpTCPIPv6Domain.c 6
snmplib/transports/snmpTCPDomain.c 6
snmplib/transports/snmpAliasDomain.c 4
snmplib/strlcat.c 1
snmplib/snmp_service.c 10
snmplib/transports/snmpUnixDomain.c 10
snmplib/snmp_version.c 1
snmplib/container_binary_array.c 31
snmplib/container_list_ssll.c 1
snmplib/container_null.c 2
snmplib/snmpv3.c 24
snmplib/lcd_time.c 6
snmplib/scapi.c 20
snmplib/snmp_secmod.c 4
snmplib/snmpusm.c 56
snmplib/asn1.c 51
snmplib/keytools.c 5
snmplib/snmp_client.c 15
snmplib/snmp.c 4
snmplib/large_fd_set.c 10
snmplib/snmp_alarm.c 11
snmplib/snmp_auth.c 1
snmplib/snmptsm.c 7
snmplib/snmpksm.c 12
snmplib/vacm.c 1

Fuzzer: snmp_scoped_pdu_parse_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 53 61.6%
gold [1:9] 7 8.13%
yellow [10:29] 2 2.32%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 24 27.9%
All colors 86 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
617 855 10 : ['asn_parse_string', 'debugmsgtoken', 'asn_parse_header', 'snmp_get_do_debugging', 'strdup', 'debug_indent_add', 'debug_is_token_registered', 'debugmsg', 'debug_indent_get', 'netsnmp_memdup'] 617 873 snmpv3_scopedPDU_parse call site: 00050 /src/net-snmp/snmplib/snmp_api.c:4913
0 0 None 96 99 free_securityStateRef call site: 00061 /src/net-snmp/snmplib/snmp_api.c:4046
0 0 None 0 106 asn_parse_header call site: 00004 /src/net-snmp/snmplib/asn1.c:1082
0 0 None 0 74 snmp_free_pdu call site: 00060 /src/net-snmp/snmplib/snmp_api.c:5517
0 0 None 0 27 asn_parse_length call site: 00013 /src/net-snmp/snmplib/asn1.c:1307
0 0 None 0 15 snmp_free_pdu call site: 00082 /src/net-snmp/snmplib/snmp_api.c:5523
0 0 None 0 0 asn_parse_nlength call site: 00012 /src/net-snmp/snmplib/asn1.c:330
0 0 None 0 0 asn_parse_nlength call site: 00012 /src/net-snmp/snmplib/asn1.c:333
0 0 None 0 0 asn_parse_length call site: 00014 /src/net-snmp/snmplib/asn1.c:1313
0 0 None 0 0 strlcpy call site: 00007 /src/net-snmp/snmplib/strlcpy.c:30
0 0 None 0 0 strlcpy call site: 00007 /src/net-snmp/snmplib/strlcpy.c:34

Runtime coverage analysis

Covered functions
16
Functions that are reachable but not covered
40
Reachable functions
55
Percentage of reachable functions covered
27.27%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/snmp_scoped_pdu_parse_fuzzer.c 1
snmplib/snmp_api.c 7
snmplib/asn1.c 8
snmplib/strlcpy.c 1
snmplib/snmp_debug.c 1
snmplib/mib.c 1
snmplib/tools.c 2
snmplib/snmp_secmod.c 1
snmplib/snmp_logging.c 6
snmplib/default_store.c 1

Fuzzer: agentx_parse_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 123 26.3%
gold [1:9] 4 0.85%
yellow [10:29] 15 3.21%
greenyellow [30:49] 29 6.22%
lawngreen 50+ 295 63.3%
All colors 466 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
192 192 1 : ['snmp_log'] 192 192 snmp_set_var_value call site: 00103 /src/net-snmp/snmplib/snmp_client.c:842
48 48 1 : ['snmp_log'] 48 48 snmp_set_var_value call site: 00124 /src/net-snmp/snmplib/snmp_client.c:920
48 48 1 : ['snmp_log'] 48 48 snmp_set_var_value call site: 00126 /src/net-snmp/snmplib/snmp_client.c:940
48 48 1 : ['snmp_log'] 48 48 snmp_set_var_value call site: 00127 /src/net-snmp/snmplib/snmp_client.c:966
48 48 1 : ['snmp_log'] 48 48 snmp_set_var_value call site: 00128 /src/net-snmp/snmplib/snmp_client.c:977
48 48 1 : ['snmp_log'] 48 48 snmp_set_var_value call site: 00129 /src/net-snmp/snmplib/snmp_client.c:987
0 12 1 : ['snmp_free_var'] 0 12 snmp_varlist_add_variable call site: 00102 /src/net-snmp/snmplib/snmp_api.c:7247
0 0 None 11990 22361 _agentx_realloc_build call site: 00213 /src/net-snmp/agent/mibgroup/agentx/protocol.c:705
0 0 None 6626 15672 agentx_parse call site: 00003 /src/net-snmp/agent/mibgroup/agentx/protocol.c:1588
0 0 None 3900 8706 agentx_realloc_build_varbind call site: 00367 /src/net-snmp/agent/mibgroup/agentx/protocol.c:392
0 0 None 3900 8706 agentx_realloc_build_varbind call site: 00370 /src/net-snmp/agent/mibgroup/agentx/protocol.c:402
0 0 None 3399 7091 agentx_realloc_build_varbind call site: 00380 /src/net-snmp/agent/mibgroup/agentx/protocol.c:434

Runtime coverage analysis

Covered functions
39
Functions that are reachable but not covered
84
Reachable functions
122
Percentage of reachable functions covered
31.15%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/agentx_parse_fuzzer.c 1
agent/mibgroup/agentx/protocol.c 22
snmplib/snmp_debug.c 2
snmplib/mib.c 1
snmplib/tools.c 1
snmplib/snmp_client.c 4
snmplib/snmp_api.c 8
snmplib/snmp_logging.c 6
snmplib/default_store.c 1
snmplib/strlcpy.c 1
snmplib/snmp_secmod.c 1

Fuzzer: snmp_api_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1567 63.5%
gold [1:9] 100 4.05%
yellow [10:29] 59 2.39%
greenyellow [30:49] 32 1.29%
lawngreen 50+ 707 28.6%
All colors 2465 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
4208 8107 17 : ['snmp_pdu_realloc_rbuild', 'free', 'debug_is_token_registered', 'asn_realloc_rbuild_sequence', 'debugmsg', 'asn_build_string', 'asn_realloc_rbuild_int', 'netsnmp_memdup', 'debugmsgtoken', 'asn_realloc_rbuild_string', 'snmp_get_do_debugging', 'snmp_pdu_build', 'debug_indent_add', 'asn_build_sequence', 'snmp_pdu_type', 'debug_indent_get', 'asn_build_int'] 4208 8107 _snmp_build call site: 02364 /src/net-snmp/snmplib/snmp_api.c:2950
3038 3407 11 : ['debugmsgtoken', 'snmp_free_varbind', 'snmp_get_do_debugging', 'snmp_log', 'snmp_clone_pdu', 'snmpv3_get_engineID', 'snmp_free_pdu', 'debugmsg', 'snmp_sess_send', 'snmp_pdu_add_variable', 'snmp_oid_compare'] 3038 3407 _snmp_parse call site: 02044 /src/net-snmp/snmplib/snmp_api.c:4438
260 262 5 : ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'malloc'] 260 343 netsnmp_set_mib_directory call site: 01374 /src/net-snmp/snmplib/mib.c:2529
256 273 4 : ['snmp_get_do_debugging', 'debugmsgtoken', 'snmp_free_varbind', 'debugmsg'] 256 301 snmp_pdu_build call site: 01689 /src/net-snmp/snmplib/snmp_api.c:3420
105 105 1 : ['snmp_call_callbacks'] 3143 3576 _snmp_parse call site: 02028 /src/net-snmp/snmplib/snmp_api.c:4385
19 163 3 : ['se_find_label_in_slist', 'snmp_log', 'strcmp'] 19 163 register_sec_mod call site: 00000 /src/net-snmp/snmplib/snmp_secmod.c:92
9 9 1 : ['sprintf_stamp'] 11 11 log_handler_stdouterr call site: 00111 /src/net-snmp/snmplib/snmp_logging.c:1098
6 139 5 : ['strtok_r', 'strcmp', 'snmp_realloc', 'strtoul', 'snmp_pdu_add_variable'] 6 175 snmp_add_var call site: 01516 /src/net-snmp/snmplib/snmp_api.c:7612
2 2 1 : ['strcmp'] 2 2 find_tree_node call site: 00312 /src/net-snmp/snmplib/parse.c:1251
0 1865 1 : ['get_node'] 0 1865 read_objid call site: 01481 /src/net-snmp/snmplib/mib.c:3003
0 1167 3 : ['asn_realloc_rbuild_string', 'asn_realloc_rbuild_objid', 'asn_realloc_rbuild_unsigned_int'] 2505 4725 snmp_pdu_realloc_rbuild call site: 02265 /src/net-snmp/snmplib/snmp_api.c:3548
0 96 1 : ['store_byte'] 1221 1460 asn_realloc_rbuild_objid call site: 02197 /src/net-snmp/snmplib/asn1.c:3308

Runtime coverage analysis

Covered functions
161
Functions that are reachable but not covered
192
Reachable functions
349
Percentage of reachable functions covered
44.99%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/snmp_api_fuzzer.c 1
testing/fuzzing/ada_fuzz_header.h 7
agent/mibgroup/agentx/protocol.c 11
snmplib/snmp_debug.c 5
snmplib/mib.c 50
snmplib/tools.c 7
snmplib/snmp_client.c 11
snmplib/snmp_api.c 43
snmplib/snmp_logging.c 7
snmplib/default_store.c 5
snmplib/strlcpy.c 1
snmplib/int64.c 9
snmplib/parse.c 62
snmplib/../include/net-snmp/library/tools.h 1
snmplib/strlcat.c 1
snmplib/asn1.c 50
snmplib/snmp.c 4
snmplib/snmp_secmod.c 1
snmplib/snmp_auth.c 1
snmplib/callback.c 4
snmplib/snmpv3.c 3
snmplib/snmp_enum.c 3
snmplib/snmp_transport.c 2

Fuzzer: snmp_agent_e2e_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the code a fuzzer can potentially reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics, please see the glossary entries for full calltree and calltree overview.

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 6749 75.6%
gold [1:9] 167 1.87%
yellow [10:29] 92 1.03%
greenyellow [30:49] 41 0.45%
lawngreen 50+ 1867 20.9%
All colors 8916 100

Fuzz blockers

The following are the branches that the fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
10603 10603 1 : ['real_init_master'] 10826 11098 init_master_agent call site: 08580 /src/net-snmp/agent/snmp_agent.c:1525
9170 9170 1 : ['subagent_init'] 9170 23011 init_agent call site: 08229 /src/net-snmp/agent/snmp_vars.c:311
4878 5027 11 : ['free', 'debugmsgtoken', 'netsnmp_max_send_msg_size', 'snmp_get_do_debugging', 'snmp_log', 'count_varbinds', 'snmpv3_engineID_probe', 'debugmsg', 'netsnmp_ds_get_boolean', 'malloc', 'netsnmp_build_packet'] 4878 5027 _build_initial_pdu_packet call site: 04558 /src/net-snmp/snmplib/snmp_api.c:5007
4023 4025 6 : ['debugmsgtoken', 'snmp_get_do_debugging', 'get_wild_node', 'get_node', 'clear_tree_flags', 'debugmsg'] 4023 4025 snmp_parse_oid call site: 06961 /src/net-snmp/snmplib/mib.c:6080
2276 4776 6 : ['netsnmp_remove_and_free_agent_snmp_session', 'snmp_increment_statistic', 'snmp_call_callbacks', 'snmp_send', 'snmp_free_pdu', 'send_easy_trap'] 2276 4776 handle_snmp_packet call site: 06589 /src/net-snmp/agent/snmp_agent.c:2240
1865 1865 1 : ['get_node'] 1865 1865 read_objid call site: 06961 /src/net-snmp/snmplib/mib.c:3003
1860 1860 1 : ['_sess_async_send'] 1860 1860 snmp_sess_async_send call site: 04556 /src/net-snmp/snmplib/snmp_api.c:5454
1660 1660 3 : ['strtok_r', 'free', 'read_mib'] 2440 2450 netsnmp_init_mib call site: 06111 /src/net-snmp/snmplib/mib.c:2790
1413 1413 6 : ['netsnmp_directory_container_read_some', '_certindex_new', '_add_certfile', '_cert_read_index', 'fclose', 'netsnmp_directory_container_free'] 2565 2581 _add_certdir call site: 01086 /src/net-snmp/snmplib/cert_util.c:1639
1292 2412 7 : ['debugmsgtoken', 'snmp_get_do_debugging', 'debugmsg', 'strlen', 'stat', 'read_config', 'strncmp'] 1292 2412 read_config_files_in_path call site: 00498 /src/net-snmp/snmplib/read_config.c:1324
911 911 1 : ['netsnmp_pdu_stats_process'] 1935 6262 netsnmp_wrap_up_request call site: 06751 /src/net-snmp/agent/snmp_agent.c:1895
840 840 1 : ['netsnmp_cache_timer_start'] 840 840 netsnmp_cache_handler_get call site: 07380 /src/net-snmp/agent/helpers/cache_handler.c:397

Runtime coverage analysis

Covered functions
589
Functions that are reachable but not covered
1268
Reachable functions
1845
Percentage of reachable functions covered
31.27%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions. This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
testing/fuzzing/snmp_agent_e2e_fuzzer.c 1
testing/fuzzing/ada_fuzz_header.h 4
agent/snmp_vars.c 6
snmplib/snmp_logging.c 28
snmplib/default_store.c 12
agent/snmp_agent.c 58
snmplib/tools.c 13
snmplib/snmp_debug.c 12
agent/kernel.c 2
agent/agent_registry.c 40
snmplib/snmp_api.c 99
agent/helpers/null.c 3
agent/agent_handler.c 31
agent/helpers/bulk_to_next.c 4
snmplib/snmp_enum.c 15
snmplib/snmp_client.c 22
snmplib/mib.c 68
snmplib/../include/net-snmp/library/tools.h 1
snmplib/callback.c 10
agent/agent_read_config.c 8
snmplib/read_config.c 53
snmplib/strlcpy.c 1
agent/agent_trap.c 27
snmplib/snmp_transport.c 37
snmplib/strlcat.c 1
snmplib/snmp_service.c 12
snmplib/parse.c 65
snmplib/int64.c 9
snmplib/transports/snmpTLSBaseDomain.c 20
snmplib/snmp_openssl.c 15
snmplib/cert_util.c 73
snmplib/system.c 8
snmplib/dir_utils.c 3
snmplib/container.c 26
snmplib/file_utils.c 5
snmplib/data_list.c 8
snmplib/transports/snmpTLSTCPDomain.c 14
snmplib/transports/snmpIPv4BaseDomain.c 6
/usr/include/openssl/x509.h 2
/usr/include/openssl/x509v3.h 2
snmplib/transports/snmpSocketBaseDomain.c 6
snmplib/transports/snmpDTLSUDPDomain.c 25
snmplib/transports/snmpIPBaseDomain.c 3
snmplib/transports/snmpUDPDomain.c 15
snmplib/transports/snmpUDPIPv4BaseDomain.c 7
snmplib/sd-daemon.c 6
snmplib/transports/snmpUDPBaseDomain.c 1
snmplib/transports/snmpIPv6BaseDomain.c 7
snmplib/transports/snmpUDPIPv6Domain.c 18
snmplib/transports/snmpUDPsharedDomain.c 16
snmplib/transports/snmpSTDDomain.c 10
snmplib/transports/snmpIPXDomain.c 11
snmplib/transports/snmpAAL5PVCDomain.c 10
snmplib/transports/snmpTCPIPv6Domain.c 6
snmplib/transports/snmpTCPDomain.c 6
snmplib/transports/snmpAliasDomain.c 4
snmplib/transports/snmpUnixDomain.c 15
snmplib/snmp_secmod.c 6
snmplib/snmp_parse_args.c 2
snmplib/snmp_version.c 1
snmplib/container_binary_array.c 31
snmplib/container_list_ssll.c 1
snmplib/container_null.c 2
snmplib/snmpv3.c 24
snmplib/lcd_time.c 6
snmplib/scapi.c 21
snmplib/snmpusm.c 65
snmplib/asn1.c 51
snmplib/keytools.c 5
snmplib/snmp.c 4
snmplib/large_fd_set.c 10
snmplib/snmp_alarm.c 15
snmplib/snmp_auth.c 1
snmplib/snmptsm.c 7
snmplib/snmpksm.c 12
snmplib/vacm.c 18
snmplib/transports/snmpCallbackDomain.c 12
agent/helpers/all_helpers.c 1
agent/helpers/debug_handler.c 4
agent/helpers/serialize.c 3
agent/helpers/read_only.c 3
agent/helpers/table_dataset.c 24
agent/helpers/table_data.c 15
agent/helpers/table.c 13
snmplib/oid_stash.c 7
agent/helpers/row_merge.c 5
agent/helpers/stash_cache.c 8
agent/helpers/cache_handler.c 15
agent/helpers/stash_to_next.c 2
agent/agent_sysORTable.c 10
agent/mibgroup/agentx/agentx_config.c 3
agent/mibgroup/agentx/subagent.c 21
agent/mibgroup/agentx/client.c 11
agent/mibgroup/agentx/protocol.c 11
agent/mibgroup/smux/smux.c 4
agent/mibgroup/snmpv3/usmConf.c 1
agent/mibgroup/utilities/iquery.c 7
agent/mibgroup/mibII/vacm_conf.c 26
agent/mibgroup/agentx/master.c 3
agent/mibgroup/agentx/master_admin.c 12
agent/agent_index.c 4

Analyses and suggestions

Optimal target analysis

Remaining optimal interesting functions

The following table shows a list of functions that are optimal targets. Optimal targets are identified by finding the functions that, in combination, yield high code coverage.

Func name Functions filename Arg count Args Function depth hitcount instr count bb count cyclomatic complexity Reachable functions Incoming references total cyclomatic complexity Unreached complexity
smux_accept /src/net-snmp/agent/mibgroup/smux/smux.c 1 ['int '] 15 0 406 73 21 315 0 3302 345
netsnmp_dtlsudp_close /src/net-snmp/snmplib/transports/snmpDTLSUDPDomain.c 1 ['struct.netsnmp_transport_s *'] 6 0 439 83 23 243 0 1322 211
netsnmp_row_create /src/net-snmp/snmplib/snmp_client.c 3 ['struct.snmp_session *', 'struct.variable_list *', 'int '] 20 0 178 14 4 780 0 6691 120
print_description /src/net-snmp/snmplib/mib.c 3 ['size_t *', 'size_t ', 'int '] 4 0 25 3 2 34 0 230 115
netsnmp_container_get_singly_linked_list /src/net-snmp/snmplib/container_list_ssll.c 1 ['int '] 7 0 40 6 3 39 1 153 76
netsnmp_vacm_simple_usm_add /src/net-snmp/snmplib/vacm.c 7 ['char *', 'int ', 'int ', 'char *', 'size_t *', 'size_t ', 'char *'] 5 0 557 107 32 36 0 195 65
netsnmp_register_mib_table_row /src/net-snmp/agent/helpers/old_api.c 12 ['char *', 'struct.variable *', 'size_t ', 'size_t ', 'size_t *', 'size_t ', 'int ', 'int ', 'struct.snmp_session *', 'char *', 'int ', 'int '] 10 0 461 61 20 154 0 1357 60

Implementing fuzzers that target the above functions will improve reachability such that it becomes:

Functions statically reachable by fuzzers
78.0%
1676 / 2149
Cyclomatic complexity statically reachable by fuzzers
88.0%
16768 / 19000

All functions overview

If you implement fuzzers for these functions, the status of all functions in the project will be:

Func name Functions filename Args Function call depth Reached by Fuzzers Fuzzers runtime hit Func lines hit % I Count BB Count Cyclomatic complexity Functions reached Reached by functions Accumulated cyclomatic complexity Undiscovered complexity

Runtime coverage analysis

This section shows analysis of runtime coverage data.

For further technical details on how this section is generated, please see the Glossary.

Complex functions with low coverage

Func name Function total lines Lines covered at runtime percentage covered Reached by fuzzers
snmp_log_string 33 18 54.54% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
set_function 57 21 36.84% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
_add_strings_to_oid 365 119 32.60% ['snmp_parse_oid_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
parse_capabilities 181 81 44.75% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
snmpv3_parse 243 132 54.32% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
register_sec_mod 43 20 46.51% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_getaddrinfo 62 26 41.93% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_ipv6_fmtaddr 44 22 50.0% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
parse_octet_hint 87 20 22.98% ['snmp_parse_oid_fuzzer', 'read_objid_fuzzer', 'parse_octet_hint_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_octet_string 232 49 21.12% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_float 37 18 48.64% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_double 37 18 48.64% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_counter64 73 35 47.94% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_opaque 57 25 43.85% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_object_identifier 32 15 46.87% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_timeticks 39 20 51.28% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_integer 60 28 46.66% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_uinteger 55 25 45.45% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_gauge 38 15 39.47% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
sprint_realloc_bitstring 75 35 46.66% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
_get_realloc_symbol 358 51 14.24% ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
_certindexes_load 44 22 50.0% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_add_certdir 63 14 22.22% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_large_fd_set_resize 39 20 51.28% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
sc_get_openssl_hashfn 31 11 35.48% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_sess_read 182 33 18.13% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_sess_copy 177 93 52.54% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_sess_process_packet_parse_pdu 90 38 42.22% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_sess_process_packet_handle_pdu 105 21 20.0% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
debug_register_tokens 34 18 52.94% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_parse_args 381 77 20.20% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
usm_create_user_from_session 135 10 7.407% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
usm_session_init 85 33 38.82% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
setup_engineID 142 55 38.73% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
snmpv3_scopedPDU_parse 49 23 46.93% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
snmp_set_var_value 176 94 53.40% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
asn_build_string 36 17 47.22% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
asn_realloc_rbuild_length 46 18 39.13% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
asn_realloc_rbuild_string 48 19 39.58% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
asn_realloc_rbuild_bitstring 49 18 36.73% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
snmp_pdu_realloc_rbuild 160 66 41.25% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
snmpv3_build 131 9 6.870% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
_check_range 37 10 27.02% ['snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_register_handler 55 19 34.54% ['snmp_agent_e2e_fuzzer']
netsnmp_call_handler 38 18 47.36% ['snmp_agent_e2e_fuzzer']
netsnmp_subtree_load 128 63 49.21% ['snmp_agent_e2e_fuzzer']
netsnmp_register_mib 126 69 54.76% ['snmp_agent_e2e_fuzzer']
in_a_view 35 5 14.28% ['snmp_agent_e2e_fuzzer']
vacm_parse_view 75 40 53.33% ['snmp_agent_e2e_fuzzer']
handle_snmp_packet 64 25 39.06% ['snmp_agent_e2e_fuzzer']
check_acm 48 26 54.16% ['snmp_agent_e2e_fuzzer']
check_getnext_results 56 10 17.85% ['snmp_agent_e2e_fuzzer']
handle_getnext_loop 62 15 24.19% ['snmp_agent_e2e_fuzzer']
netsnmp_handle_request 61 21 34.42% ['snmp_agent_e2e_fuzzer']
unregister_config_handler 57 22 38.59% ['snmp_agent_e2e_fuzzer']
netsnmp_sd_listen_fds 58 12 20.68% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
_build_initial_pdu_packet 133 10 7.518% ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
usm_free_user 51 23 45.09% ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_sock_buffer_set 53 24 45.28% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_udpipv4base_transport_init 47 18 38.29% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
netsnmp_udpipv4base_transport_bind 49 19 38.77% ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']

Files and Directories in report

This section shows which files and directories are considered in this report. The main reason for showing this is that fuzz introspector may include more code in its reasoning than is desired. This section helps identify whether too many files or directories are included, e.g. third-party code that may be irrelevant to the threat model. If too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file Reached by Covered by
[] []
/src/net-snmp/agent/agent_trap.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/master_admin.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/helpers/stash_to_next.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUDPsharedDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_alarm.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmpusm.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/fd_event_manager.c [] []
/src/net-snmp/testing/fuzzing/parse_octet_hint_fuzzer.c ['parse_octet_hint_fuzzer'] ['parse_octet_hint_fuzzer']
/src/net-snmp/snmplib/container_null.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/utilities/iquery.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_mib_fuzzer.c ['snmp_mib_fuzzer'] ['snmp_mib_fuzzer']
/src/net-snmp/snmplib/snmp_version.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/helpers/stash_cache.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_agent_e2e_fuzzer.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/vacm.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpSocketBaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/large_fd_set.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_pdu_parse_fuzzer.c ['snmp_pdu_parse_fuzzer'] ['snmp_pdu_parse_fuzzer']
/src/net-snmp/snmplib/strlcat.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_mib_fuzzer', 'snmp_print_var_fuzzer']
/src/net-snmp/snmplib/asn1.c ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUnixDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/row_merge.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/agent_read_config.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/agentx_config.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/container_list_ssll.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/master.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/transports/snmpIPBaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/tools.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpIPv4BaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/mib.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_pdu_parse_fuzzer', 'parse_octet_hint_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'parse_octet_hint_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/debug_handler.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpDTLSUDPDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_parse_args.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer']
/src/net-snmp/agent/snmp_agent.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_print_var_fuzzer.c ['snmp_print_var_fuzzer'] ['snmp_print_var_fuzzer']
/src/net-snmp/snmplib/snmp_service.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/oid_stash.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/snmptsm.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpTCPIPv6Domain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpTCPBaseDomain.c [] []
/src/net-snmp/snmplib/../include/net-snmp/library/tools.h ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/transports/snmpTCPDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/read_only.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/int64.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer']
/src/net-snmp/agent/helpers/cache_handler.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_secmod.c ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpTLSTCPDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_parse_oid_fuzzer.c ['snmp_parse_oid_fuzzer'] ['snmp_parse_oid_fuzzer']
/src/net-snmp/agent/helpers/bulk_to_next.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_api_fuzzer.c ['snmp_api_fuzzer'] ['snmp_api_fuzzer']
/src/net-snmp/agent/mibgroup/smux/smux.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/file_utils.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/helpers/serialize.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmpksm.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_openssl.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/default_store.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/protocol.c ['agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['agentx_parse_fuzzer', 'snmp_api_fuzzer']
/src/net-snmp/snmplib/snmp_api.c ['snmp_parse_oid_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_oid_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/usr/include/openssl/x509v3.h ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/dir_utils.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/mibgroup/snmpv3/usmConf.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp.c ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/system.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_e2e_fuzzer.c ['snmp_e2e_fuzzer'] ['snmp_e2e_fuzzer']
/src/net-snmp/snmplib/data_list.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/all_helpers.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpAliasDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_scoped_pdu_parse_fuzzer.c ['snmp_scoped_pdu_parse_fuzzer'] ['snmp_scoped_pdu_parse_fuzzer']
/src/net-snmp/snmplib/snmpv3.c ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/read_objid_fuzzer.c ['read_objid_fuzzer'] ['read_objid_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/subagent.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/helpers/null.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_config_mem_fuzzer.c ['snmp_config_mem_fuzzer'] ['snmp_config_mem_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_config_fuzzer.c ['snmp_config_fuzzer'] ['snmp_config_fuzzer']
/src/net-snmp/snmplib/snmp_enum.c ['snmp_parse_fuzzer', 'snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/keytools.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/strlcpy.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/agentx_parse_fuzzer.c ['agentx_parse_fuzzer'] ['agentx_parse_fuzzer']
/src/net-snmp/snmplib/snmp_auth.c ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer']
/src/net-snmp/agent/snmp_vars.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/container.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpCallbackDomain.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpIPv6BaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer']
/src/net-snmp/snmplib/callback.c ['snmp_parse_fuzzer', 'snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_transport.c ['snmp_parse_fuzzer', 'snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/agent_sysORTable.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpIPXDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/container_binary_array.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/table_data.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/mibgroup/mibII/vacm_conf.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/mibgroup/agentx/client.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/transports/snmpTLSBaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/lcd_time.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/parse.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'read_objid_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/usr/include/openssl/x509.h ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] []
/src/net-snmp/agent/agent_handler.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpAAL5PVCDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/agent_index.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/sd-daemon.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_parse_fuzzer.c ['snmp_parse_fuzzer'] ['snmp_parse_fuzzer']
/src/net-snmp/snmplib/transports/snmpSTDDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/table.c ['snmp_agent_e2e_fuzzer'] []
/src/net-snmp/snmplib/read_config.c ['snmp_config_fuzzer', 'snmp_transport_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_transport_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/cert_util.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_debug.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/old_api.c [] []
/src/net-snmp/agent/agent_registry.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/scapi.c ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUDPIPv6Domain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/kernel.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_logging.c ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_scoped_pdu_parse_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_config_fuzzer', 'snmp_parse_oid_fuzzer', 'snmp_mib_fuzzer', 'snmp_parse_fuzzer', 'read_objid_fuzzer', 'snmp_transport_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_print_var_fuzzer', 'snmp_config_mem_fuzzer', 'snmp_e2e_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/snmp_client.c ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_parse_fuzzer', 'snmp_pdu_parse_fuzzer', 'snmp_e2e_fuzzer', 'agentx_parse_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUDPIPv4BaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUDPDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/snmplib/transports/snmpUDPBaseDomain.c ['snmp_transport_fuzzer', 'snmp_e2e_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']
/src/net-snmp/testing/fuzzing/snmp_transport_fuzzer.c ['snmp_transport_fuzzer'] ['snmp_transport_fuzzer']
/src/net-snmp/testing/fuzzing/ada_fuzz_header.h ['snmp_transport_fuzzer', 'snmp_print_var_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer'] ['snmp_transport_fuzzer', 'snmp_print_var_fuzzer', 'snmp_api_fuzzer', 'snmp_agent_e2e_fuzzer']
/src/net-snmp/agent/helpers/table_dataset.c ['snmp_agent_e2e_fuzzer'] ['snmp_agent_e2e_fuzzer']

Directories in report

Directory
/src/net-snmp/snmplib/transports/
/src/net-snmp/agent/helpers/
/src/net-snmp/testing/fuzzing/
/src/net-snmp/snmplib/../include/net-snmp/library/
/src/net-snmp/snmplib/
/src/net-snmp/agent/mibgroup/mibII/
/src/net-snmp/agent/mibgroup/smux/
/src/net-snmp/agent/mibgroup/utilities/
/src/net-snmp/agent/mibgroup/snmpv3/
/usr/include/openssl/
/src/net-snmp/agent/mibgroup/agentx/
/src/net-snmp/agent/

Metadata section

This section shows the raw data that is used to produce this report. It is mainly used for further processing and developer debugging.

Fuzzer Calltree file Program data file Coverage file
snmp_config_fuzzer fuzzerLogFile-0-7AF4llxuOf.data fuzzerLogFile-0-7AF4llxuOf.data.yaml snmp_config_fuzzer.covreport
snmp_parse_oid_fuzzer fuzzerLogFile-0-gGnOvthL4l.data fuzzerLogFile-0-gGnOvthL4l.data.yaml snmp_parse_oid_fuzzer.covreport
snmp_mib_fuzzer fuzzerLogFile-0-dO6soplUcx.data fuzzerLogFile-0-dO6soplUcx.data.yaml snmp_mib_fuzzer.covreport
snmp_parse_fuzzer fuzzerLogFile-0-wT0X2jXYFg.data fuzzerLogFile-0-wT0X2jXYFg.data.yaml snmp_parse_fuzzer.covreport
read_objid_fuzzer fuzzerLogFile-0-bx842kEpUG.data fuzzerLogFile-0-bx842kEpUG.data.yaml read_objid_fuzzer.covreport
snmp_transport_fuzzer fuzzerLogFile-0-oSHsYmtQEA.data fuzzerLogFile-0-oSHsYmtQEA.data.yaml snmp_transport_fuzzer.covreport
snmp_pdu_parse_fuzzer fuzzerLogFile-0-QQORz68AOK.data fuzzerLogFile-0-QQORz68AOK.data.yaml snmp_pdu_parse_fuzzer.covreport
parse_octet_hint_fuzzer fuzzerLogFile-0-mrjSpzLVBC.data fuzzerLogFile-0-mrjSpzLVBC.data.yaml parse_octet_hint_fuzzer.covreport
snmp_print_var_fuzzer fuzzerLogFile-0-VH3pUrF6Z4.data fuzzerLogFile-0-VH3pUrF6Z4.data.yaml snmp_print_var_fuzzer.covreport
snmp_config_mem_fuzzer fuzzerLogFile-0-4dh7ka8uNm.data fuzzerLogFile-0-4dh7ka8uNm.data.yaml snmp_config_mem_fuzzer.covreport
snmp_e2e_fuzzer fuzzerLogFile-0-5CpoLIrM1j.data fuzzerLogFile-0-5CpoLIrM1j.data.yaml snmp_e2e_fuzzer.covreport
snmp_scoped_pdu_parse_fuzzer fuzzerLogFile-0-aTQW1VMNhT.data fuzzerLogFile-0-aTQW1VMNhT.data.yaml snmp_scoped_pdu_parse_fuzzer.covreport
agentx_parse_fuzzer fuzzerLogFile-0-767OVGfnAQ.data fuzzerLogFile-0-767OVGfnAQ.data.yaml agentx_parse_fuzzer.covreport
snmp_api_fuzzer fuzzerLogFile-0-Gz51REka4S.data fuzzerLogFile-0-Gz51REka4S.data.yaml snmp_api_fuzzer.covreport
snmp_agent_e2e_fuzzer fuzzerLogFile-0-Aub1MhAgOV.data fuzzerLogFile-0-Aub1MhAgOV.data.yaml snmp_agent_e2e_fuzzer.covreport