The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 166 | 757 |
4 :
['free', 'xstrdup', 'a2tun', 'strchr'] |
166 | 757 | a2tun | call site: 00082 | /src/openssh/misc.c:510 |
| 2 | 2 |
1 :
['getpagesize'] |
8 | 8 | recallocarray | call site: 00051 | /src/openssh/openbsd-compat/recallocarray.c:64 |
| 2 | 2 |
1 :
['ntohs'] |
2 | 2 | a2port | call site: 00075 | /src/openssh/misc.c:498 |
| 0 | 11 |
1 :
['sshauthopt_free'] |
0 | 11 | sshauthopt_merge | call site: 00146 | /src/openssh/auth-options.c:631 |
| 0 | 0 | None | 12 | 94 | sshauthopt_merge | call site: 00132 | /src/openssh/auth-options.c:537 |
| 0 | 0 | None | 8 | 19 | sshauthopt_merge | call site: 00143 | /src/openssh/auth-options.c:610 |
| 0 | 0 | None | 6 | 673 | sshauthopt_parse | call site: 00003 | /src/openssh/auth-options.c:329 |
| 0 | 0 | None | 2 | 2 | recallocarray | call site: 00053 | /src/openssh/openbsd-compat/recallocarray.c:77 |
| 0 | 0 | None | 2 | 2 | strtonum | call site: 00071 | /src/openssh/openbsd-compat/strtonum.c:52 |
| 0 | 0 | None | 0 | 11 | sshauthopt_parse | call site: 00004 | /src/openssh/auth-options.c:331 |
| 0 | 0 | None | 0 | 11 | sshauthopt_parse | call site: 00041 | /src/openssh/auth-options.c:401 |
| 0 | 0 | None | 0 | 11 | sshauthopt_parse | call site: 00044 | /src/openssh/auth-options.c:413 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
sshauthopt_new
[function]
[call site]
00001
calloc
[call site]
00002
sshauthopt_parse
[function]
[call site]
00003
sshauthopt_new_with_keys_defaults
[function]
[call site]
00004
sshauthopt_new
[function]
[call site]
00005
opt_flag
[function]
[call site]
00006
opt_flag
[function]
[call site]
00010
opt_flag
[function]
[call site]
00011
opt_flag
[function]
[call site]
00012
opt_flag
[function]
[call site]
00013
opt_flag
[function]
[call site]
00014
opt_flag
[function]
[call site]
00015
opt_flag
[function]
[call site]
00016
opt_flag
[function]
[call site]
00017
opt_match
[function]
[call site]
00018
opt_dequote
[function]
[call site]
00022
strlen
[call site]
00023
opt_match
[function]
[call site]
00024
opt_dequote
[function]
[call site]
00025
opt_match
[function]
[call site]
00026
opt_dequote
[function]
[call site]
00027
opt_match
[function]
[call site]
00028
opt_dequote
[function]
[call site]
00029
parse_absolute_time
[function]
[call site]
00030
strlen
[call site]
00031
strcasecmp
[call site]
00032
strcasecmp
[call site]
00033
snprintf
[call site]
00034
snprintf
[call site]
00035
snprintf
[call site]
00036
memset
[call site]
00037
strptime
[call site]
00038
timegm
[call site]
00039
mktime
[call site]
00040
opt_match
[function]
[call site]
00041
opt_dequote
[function]
[call site]
00042
strchr
[call site]
00043
strdup
[call site]
00044
valid_env_name
[function]
[call site]
00045
__ctype_b_loc
[call site]
00046
strncmp
[call site]
00047
recallocarray
[function]
[call site]
00048
calloc
[call site]
00049
__errno_location
[call site]
00050
__errno_location
[call site]
00051
getpagesize
[call site]
00052
memset
[call site]
00053
memset
[call site]
00054
explicit_bzero
[call site]
00055
opt_match
[function]
[call site]
00056
handle_permit
[function]
[call site]
00057
opt_dequote
[function]
[call site]
00058
strchr
[call site]
00059
asprintf
[call site]
00060
strdup
[call site]
00061
hpdelim2
[function]
[call site]
00062
strlen
[call site]
00066
strcmp
[call site]
00067
a2port
[function]
[call site]
00068
strtonum
[function]
[call site]
00069
__errno_location
[call site]
00070
__errno_location
[call site]
00071
__errno_location
[call site]
00072
__errno_location
[call site]
00073
__errno_location
[call site]
00074
getservbyname
[call site]
00075
ntohs
[call site]
00076
recallocarray
[function]
[call site]
00077
opt_match
[function]
[call site]
00078
handle_permit
[function]
[call site]
00079
opt_match
[function]
[call site]
00080
opt_dequote
[function]
[call site]
00081
a2tun
[function]
[call site]
00082
xstrdup
[function]
[call site]
00083
strlen
[call site]
00084
xmalloc
[function]
[call site]
00085
sshfatal
[function]
[call site]
00086
sshlogv
[function]
[call site]
00087
strrchr
[call site]
00088
getpid
[call site]
00089
snprintf
[call site]
00090
match_pattern_list
[function]
[call site]
00091
strlen
[call site]
00092
__ctype_b_loc
[call site]
00093
tolower
[call site]
00094
match_pattern
[function]
[call site]
00095
match_pattern
[function]
[call site]
00096
match_pattern
[function]
[call site]
00097
snprintf
[call site]
00098
snprintf
[call site]
00099
strlcpy
[function]
[call site]
00100
do_log
[function]
[call site]
00101
__errno_location
[call site]
00102
snprintf
[call site]
00103
vsnprintf
[call site]
00104
vsnprintf
[call site]
00105
snprintf
[call site]
00106
strlcpy
[function]
[call site]
00107
strnvis
[function]
[call site]
00108
__ctype_b_loc
[call site]
00109
vis
[function]
[call site]
00110
__ctype_b_loc
[call site]
00111
__ctype_b_loc
[call site]
00112
vis
[function]
[call site]
00113
snprintf
[call site]
00114
strlen
[call site]
00115
openlog
[call site]
00116
syslog
[call site]
00117
closelog
[call site]
00118
__errno_location
[call site]
00119
cleanup_exit
[function]
[call site]
00120
_exit
[call site]
00121
sshfatal
[function]
[call site]
00122
strchr
[call site]
00123
a2tun
[function]
[call site]
00124
a2tun
[function]
[call site]
00125
a2tun
[function]
[call site]
00126
strcasecmp
[call site]
00127
strtonum
[function]
[call site]
00128
sshauthopt_free
[function]
[call site]
00129
freezero
[function]
[call site]
00130
explicit_bzero
[call site]
00131
sshauthopt_merge
[function]
[call site]
00132
sshauthopt_new
[function]
[call site]
00133
strdup
[call site]
00134
strdup
[call site]
00135
dup_strings
[function]
[call site]
00136
calloc
[call site]
00137
strdup
[call site]
00138
dup_strings
[function]
[call site]
00139
dup_strings
[function]
[call site]
00140
dup_strings
[function]
[call site]
00141
dup_strings
[function]
[call site]
00142
dup_strings
[function]
[call site]
00143
strcmp
[call site]
00144
strdup
[call site]
00145
strdup
[call site]
00146
strdup
[call site]
00147
sshauthopt_free
[function]
[call site]
00148
sshauthopt_free
[function]
[call site]
00149
sshauthopt_free
[function]
[call site]
00150
sshauthopt_free
[function]
[call site]
00151