The followings are the branches where fuzzer fails to bypass.
Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
---|---|---|---|---|---|---|---|
164 | 164 |
1 :
['xstrdup'] |
164 | 164 | tohex | call site: 00119 | /src/openssh/misc.c:1496 |
160 | 160 |
1 :
['sshfatal'] |
160 | 160 | xcalloc | call site: 00131 | /src/openssh/xmalloc.c:56 |
88 | 95 |
8 :
['strlen', 'strnvis', 'syslog', '__errno_location', 'openlog', 'strlcpy', 'write', 'closelog'] |
88 | 95 | do_log | call site: 00038 | /src/openssh/log.c:351 |
82 | 240 |
4 :
['xmss_sign_open', 'sshkey_xmss_params', 'sshlog', 'malloc'] |
82 | 451 | ssh_xmss_verify | call site: 00000 | /src/openssh/ssh-xmss.c:312 |
50 | 50 |
3 :
['EC_KEY_get0_group', 'sshkey_ec_validate_public', 'EC_KEY_get0_public_key'] |
52 | 52 | ssh_ecdsa_deserialize_public | call site: 00000 | /src/openssh/ssh-ecdsa.c:177 |
13 | 13 |
1 :
['rsa_hash_id_from_keyname'] |
21 | 697 | ssh_rsa_verify | call site: 00000 | /src/openssh/ssh-rsa.c:508 |
6 | 6 |
3 :
['exit', 'openlog', 'closelog'] |
6 | 6 | log_init | call site: 00008 | /src/openssh/log.c:213 |
2 | 215 |
2 :
['EC_KEY_set_public_key', 'sshbuf_get_string_direct'] |
6 | 219 | sshbuf_get_eckey | call site: 00000 | /src/openssh/sshbuf-getput-crypto.c:110 |
2 | 2 |
1 :
['strlen'] |
2 | 2 | strlcat | call site: 00134 | /src/openssh/openbsd-compat/strlcat.c:48 |
2 | 2 |
1 :
['BN_clear_free'] |
2 | 2 | sshbuf_get_bignum2 | call site: 00000 | /src/openssh/sshbuf-getput-crypto.c:48 |
0 | 231 |
1 :
['sshkey_deserialize_sk'] |
0 | 231 | ssh_ecdsa_sk_deserialize_public | call site: 00000 | /src/openssh/ssh-ecdsa-sk.c:133 |
0 | 227 |
2 :
['ssh_err', 'sshlog'] |
2 | 430 | hash_buffer | call site: 00142 | /src/openssh/sshsig.c:417 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
sshbuf_from
[function]
[call site]
00001
calloc
[call site]
00002
strlen
[call site]
00003
sshbuf_from
[function]
[call site]
00004
log_init
[function]
[call site]
00005
log_change_level
[function]
[call site]
00006
fprintf
[call site]
00007
exit
[call site]
00008
fprintf
[call site]
00009
exit
[call site]
00010
openlog
[call site]
00011
closelog
[call site]
00012
sshsig_verifyb
[function]
[call site]
00013
sshsig_peek_hashalg
[function]
[call site]
00014
sshbuf_fromb
[function]
[call site]
00015
sshbuf_check_sanity
[function]
[call site]
00016
ssh_signal
[function]
[call site]
00017
memset
[call site]
00018
sigfillset
[call site]
00019
sigaction
[call site]
00020
strsignal
[call site]
00021
sshlog
[function]
[call site]
00022
sshlogv
[function]
[call site]
00023
strrchr
[call site]
00024
getpid
[call site]
00025
snprintf
[call site]
00026
match_pattern_list
[function]
[call site]
00027
strlen
[call site]
00028
__ctype_b_loc
[call site]
00029
tolower
[call site]
00030
match_pattern
[function]
[call site]
00031
match_pattern
[function]
[call site]
00032
match_pattern
[function]
[call site]
00033
snprintf
[call site]
00034
snprintf
[call site]
00035
strlcpy
[function]
[call site]
00036
do_log
[function]
[call site]
00037
__errno_location
[call site]
00038
snprintf
[call site]
00039
vsnprintf
[call site]
00040
vsnprintf
[call site]
00041
snprintf
[call site]
00042
strlcpy
[function]
[call site]
00043
strnvis
[function]
[call site]
00044
__ctype_b_loc
[call site]
00045
vis
[function]
[call site]
00046
__ctype_b_loc
[call site]
00047
__ctype_b_loc
[call site]
00048
vis
[function]
[call site]
00049
snprintf
[call site]
00050
strlen
[call site]
00051
openlog
[call site]
00052
syslog
[call site]
00053
closelog
[call site]
00054
__errno_location
[call site]
00055
raise
[call site]
00056
sshbuf_ptr
[function]
[call site]
00057
sshbuf_check_sanity
[function]
[call site]
00058
sshbuf_set_parent
[function]
[call site]
00059
sshbuf_check_sanity
[function]
[call site]
00060
sshbuf_check_sanity
[function]
[call site]
00061
sshbuf_free
[function]
[call site]
00062
sshbuf_check_sanity
[function]
[call site]
00063
sshbuf_free
[function]
[call site]
00064
explicit_bzero
[call site]
00065
freezero
[function]
[call site]
00066
explicit_bzero
[call site]
00067
sshsig_parse_preamble
[function]
[call site]
00068
sshbuf_cmp
[function]
[call site]
00069
sshbuf_ptr
[function]
[call site]
00070
sshbuf_len
[function]
[call site]
00071
sshbuf_check_sanity
[function]
[call site]
00072
sshbuf_ptr
[function]
[call site]
00073
timingsafe_bcmp
[function]
[call site]
00074
sshbuf_consume
[function]
[call site]
00075
sshbuf_check_sanity
[function]
[call site]
00076
sshbuf_len
[function]
[call site]
00077
sshbuf_get_u32
[function]
[call site]
00078
sshbuf_ptr
[function]
[call site]
00079
sshbuf_consume
[function]
[call site]
00080
sshlog
[function]
[call site]
00081
sshlog
[function]
[call site]
00082
sshbuf_get_string_direct
[function]
[call site]
00083
sshbuf_peek_string_direct
[function]
[call site]
00084
sshbuf_ptr
[function]
[call site]
00085
sshbuf_len
[function]
[call site]
00086
sshbuf_len
[function]
[call site]
00087
sshbuf_consume
[function]
[call site]
00088
sshbuf_get_string_direct
[function]
[call site]
00089
sshbuf_get_string
[function]
[call site]
00090
sshbuf_get_string_direct
[function]
[call site]
00091
sshbuf_get_cstring
[function]
[call site]
00092
sshbuf_peek_string_direct
[function]
[call site]
00093
memchr
[call site]
00094
sshbuf_get_string_direct
[function]
[call site]
00095
sshbuf_get_string_direct
[function]
[call site]
00096
ssh_err
[function]
[call site]
00097
__errno_location
[call site]
00098
sshlog
[function]
[call site]
00099
sshbuf_free
[function]
[call site]
00100
sshlog
[function]
[call site]
00101
hash_buffer
[function]
[call site]
00102
memset
[call site]
00103
sshsig_check_hashalg
[function]
[call site]
00104
match_pattern_list
[function]
[call site]
00105
sshlog
[function]
[call site]
00106
ssh_digest_alg_by_name
[function]
[call site]
00107
strcasecmp
[call site]
00108
sshlog
[function]
[call site]
00109
ssh_digest_buffer
[function]
[call site]
00110
sshbuf_ptr
[function]
[call site]
00111
ssh_digest_memory
[function]
[call site]
00112
ssh_digest_by_alg
[function]
[call site]
00113
EVP_Digest
[call site]
00114
ssh_err
[function]
[call site]
00115
sshlog
[function]
[call site]
00116
ssh_digest_bytes
[function]
[call site]
00117
ssh_digest_by_alg
[function]
[call site]
00118
tohex
[function]
[call site]
00119
xstrdup
[function]
[call site]
00120
strlen
[call site]
00121
xmalloc
[function]
[call site]
00122
sshfatal
[function]
[call site]
00123
sshlogv
[function]
[call site]
00124
cleanup_exit
[function]
[call site]
00125
_exit
[call site]
00126
sshfatal
[function]
[call site]
00127
xcalloc
[function]
[call site]
00128
sshfatal
[function]
[call site]
00129
sshfatal
[function]
[call site]
00130
calloc
[call site]
00131
sshfatal
[function]
[call site]
00132
snprintf
[call site]
00133
strlcat
[function]
[call site]
00134
strlen
[call site]
00135
sshlog
[function]
[call site]
00136
freezero
[function]
[call site]
00137
sshbuf_new
[function]
[call site]
00138
calloc
[call site]
00139
calloc
[call site]
00140
ssh_digest_bytes
[function]
[call site]
00141
sshbuf_put
[function]
[call site]
00142
sshbuf_reserve
[function]
[call site]
00143
sshbuf_allocate
[function]
[call site]
00144
sshbuf_check_reserve
[function]
[call site]
00145
sshbuf_check_sanity
[function]
[call site]
00146
sshbuf_maybe_pack
[function]
[call site]
00147
recallocarray
[function]
[call site]
00148
calloc
[call site]
00149
__errno_location
[call site]
00150
getpagesize
[call site]
00151
memset
[call site]
00152
memset
[call site]
00153
explicit_bzero
[call site]
00154
sshbuf_check_reserve
[function]
[call site]
00155
ssh_err
[function]
[call site]
00156
sshlog
[function]
[call site]
00157
sshbuf_free
[function]
[call site]
00158
explicit_bzero
[call site]
00159
ssh_err
[function]
[call site]
00160
sshlog
[function]
[call site]
00161
sshsig_wrap_verify
[function]
[call site]
00162
sshbuf_len
[function]
[call site]
00163
sshlog
[function]
[call site]
00164
sshbuf_new
[function]
[call site]
00165
sshlog
[function]
[call site]
00166
sshbuf_put
[function]
[call site]
00167
sshbuf_put_cstring
[function]
[call site]
00168
strlen
[call site]
00169
sshbuf_put_string
[function]
[call site]
00170
sshbuf_reserve
[function]
[call site]
00171
sshbuf_put_string
[function]
[call site]
00172
sshbuf_put_cstring
[function]
[call site]
00173
sshbuf_put_stringb
[function]
[call site]
00174
sshbuf_put_string
[function]
[call site]
00175
sshbuf_ptr
[function]
[call site]
00176
sshbuf_put_string
[function]
[call site]
00177
ssh_err
[function]
[call site]
00178
sshlog
[function]
[call site]
00179
sshsig_parse_preamble
[function]
[call site]
00180
sshkey_froms
[function]
[call site]
00181
sshbuf_froms
[function]
[call site]
00182
sshbuf_peek_string_direct
[function]
[call site]
00183
sshbuf_from
[function]
[call site]
00184
sshbuf_consume
[function]
[call site]
00185
sshbuf_set_parent
[function]
[call site]
00186
sshbuf_free
[function]
[call site]
00187
sshkey_from_blob_internal
[function]
[call site]
00188
sshbuf_fromb
[function]
[call site]
00189
sshbuf_get_cstring
[function]
[call site]
00190
sshkey_type_from_name
[function]
[call site]
00191
strcmp
[call site]
00192
sshkey_type_is_cert
[function]
[call site]
00193
sshkey_impl_from_type
[function]
[call site]
00194
sshkey_impl_from_type
[function]
[call site]
00195
sshkey_new
[function]
[call site]
00196
sshkey_impl_from_type
[function]
[call site]
00197
calloc
[call site]
00198
sshkey_is_cert
[function]
[call site]
00199
sshkey_type_is_cert
[function]
[call site]
00200
cert_new
[function]
[call site]
00201
calloc
[call site]
00202
sshbuf_new
[function]
[call site]
00203
sshbuf_new
[function]
[call site]
00204
sshbuf_new
[function]
[call site]
00205
cert_free
[function]
[call site]
00206
sshbuf_free
[function]
[call site]
00207
sshbuf_free
[function]
[call site]
00208
sshbuf_free
[function]
[call site]
00209
sshkey_free
[function]
[call site]
00210
sshkey_free_contents
[function]
[call site]
00211
sshkey_impl_from_type
[function]
[call site]
00212
sshkey_is_cert
[function]
[call site]
00213
cert_free
[function]
[call site]
00214
freezero
[function]
[call site]
00215
freezero
[function]
[call site]
00216
freezero
[function]
[call site]
00217
freezero
[function]
[call site]
00218
sshkey_free
[function]
[call site]
00219
sshkey_type_is_cert
[function]
[call site]
00220
sshbuf_get_string_direct
[function]
[call site]
00221
sshkey_is_cert
[function]
[call site]
00222
sshbuf_len
[function]
[call site]
00223
sshbuf_free
[function]
[call site]
00224
sshkey_free
[function]
[call site]
00225
sshbuf_free
[function]
[call site]
00226
sshbuf_get_cstring
[function]
[call site]
00227
sshbuf_get_string
[function]
[call site]
00228
sshbuf_get_cstring
[function]
[call site]
00229
sshbuf_get_string_direct
[function]
[call site]
00230
ssh_err
[function]
[call site]
00231
sshlog
[function]
[call site]
00232
sshbuf_len
[function]
[call site]
00233
sshlog
[function]
[call site]
00234
strcmp
[call site]
00235
sshlog
[function]
[call site]
00236
sshlog
[function]
[call site]
00237
strcmp
[call site]
00238
sshlog
[function]
[call site]
00239
sshlog
[function]
[call site]
00240
sshkey_type_plain
[function]
[call site]
00241
sshkey_get_sigtype
[function]
[call site]
00242
sshbuf_from
[function]
[call site]
00243
sshbuf_get_cstring
[function]
[call site]
00244
sshbuf_free
[function]
[call site]
00245
ssh_err
[function]
[call site]
00246
sshlog
[function]
[call site]
00247
match_pattern_list
[function]
[call site]
00248
sshlog
[function]
[call site]
00249
sshbuf_ptr
[function]
[call site]
00250
sshbuf_len
[function]
[call site]
00251
sshkey_verify
[function]
[call site]
00252
sshkey_impl_from_key
[function]
[call site]
00253
sshkey_impl_from_type_nid
[function]
[call site]
00254
ssh_err
[function]
[call site]
00255
sshlog
[function]
[call site]
00256
sshbuf_free
[function]
[call site]
00257
sshbuf_free
[function]
[call site]
00258
sshkey_free
[function]
[call site]
00259
sshbuf_free
[function]
[call site]
00260
sshkey_sig_details_free
[function]
[call site]
00261
freezero
[function]
[call site]
00262
sshkey_free
[function]
[call site]
00263
sshbuf_free
[function]
[call site]
00264
sshbuf_free
[function]
[call site]
00265