Fuzz introspector: fuzz/fuzz-asn1.c
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
263 1383 14 :

['derive_secret', 'ptls_buffer__adjust_quic_blocksize', 'send_certificate_verify', 'setup_traffic_protection', 'send_certificate', 'commission_handshake_secret', 'ptls_buffer__do_pushv', 'derive_exporter_secret', 'ptls__key_schedule_update_hash', 'push_change_cipher_spec', 'send_finished', 'ptls_iovec_init', 'key_schedule_extract', 'free']

263 1383 client_handle_finished call site: 00000 /src/picotls/lib/picotls.c:3455
233 233 1 :

['commission_handshake_secret']

233 443 server_finish_handshake call site: 00000 /src/picotls/lib/picotls.c:4928
210 210 2 :

['client_ech_select_hello', 'free']

210 1259 client_handle_hello call site: 00000 /src/picotls/lib/picotls.c:2828
210 210 1 :

['client_ech_select_hello']

210 852 client_handle_hello call site: 00000 /src/picotls/lib/picotls.c:2848
180 472 4 :

['ptls__key_schedule_update_hash', 'ptls_buffer__adjust_quic_blocksize', 'ptls_buffer__do_pushv', 'push_signature_algorithms']

180 920 server_handle_hello call site: 00000 /src/picotls/lib/picotls.c:4838
165 458 5 :

['ptls_aead_free', 'rebuild_ch_inner', 'decode_client_hello', 'check_client_hello_constraints', 'ptls_aead_decrypt']

1596 6805 server_handle_hello call site: 00000 /src/picotls/lib/picotls.c:4410
66 66 3 :

['buffer_push_encrypted_records', 'malloc', 'free']

66 66 buffer_encrypt_record call site: 00000 /src/picotls/lib/picotls.c:817
60 160 5 :

['ptls_buffer__do_pushv', 'ptls__key_schedule_update_hash', 'ptls_iovec_init', 'ptls_buffer__adjust_quic_blocksize', 'build_certificate_verify_signdata']

60 160 send_certificate_verify call site: 00000 /src/picotls/lib/picotls.c:3192
8 930 8 :

['ptls_buffer_reserve', 'encode_client_hello', 'strlen', 'ptls__key_schedule_update_hash', 'outer_ech_header_size', 'ptls_iovec_init', 'malloc', 'ptls_aead_encrypt']

8 1415 send_client_hello call site: 00000 /src/picotls/lib/picotls.c:2484
7 107 7 :

['client_do_handle_certificate', 'ptls_decode16', 'ptls_decode_quicint', 'ptls__key_schedule_update_hash', 'ptls_iovec_init', 'malloc', 'ptls_decode24']

7 107 client_handle_compressed_certificate call site: 00000 /src/picotls/lib/picotls.c:3332
6 6 1 :

['key_schedule_update_ch1hash_prefix']

983 5046 server_handle_hello call site: 00000 /src/picotls/lib/picotls.c:4523
2 2 1 :

['posix_memalign']

2 5 ptls_buffer_reserve_aligned call site: 00048 /src/picotls/lib/picotls.c:598

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 feeder_init [function] [call site] 00001
1 feeder_next_byte [function] [call site] 00002
1 feeder_next_byte [function] [call site] 00003
1 feeder_next_byte [function] [call site] 00004
1 ptls_asn1_validation [function] [call site] 00005
2 ptls_asn1_validation_recursive [function] [call site] 00006
3 ptls_asn1_read_type [function] [call site] 00007
4 ptls_asn1_error_message [function] [call site] 00008
5 ptls_asn1_print_indent [function] [call site] 00009
3 ptls_asn1_print_type [function] [call site] 00010
4 ptls_asn1_print_indent [function] [call site] 00011
3 ptls_asn1_read_length [function] [call site] 00012
4 ptls_asn1_error_message [function] [call site] 00013
4 ptls_asn1_error_message [function] [call site] 00014
3 ptls_asn1_error_message [function] [call site] 00015
3 ptls_asn1_print_indent [function] [call site] 00016
3 ptls_asn1_validation_recursive [function] [call site] 00017
4 ptls_asn1_print_indent [function] [call site] 00018
4 ptls_asn1_dump_content [function] [call site] 00019
1 feeder_next_byte [function] [call site] 00020
1 feeder_next_byte [function] [call site] 00021
1 ptls_asn1_get_expected_type_and_length [function] [call site] 00022
2 ptls_asn1_error_message [function] [call site] 00023
2 ptls_asn1_read_length [function] [call site] 00024
2 ptls_asn1_error_message [function] [call site] 00025
1 mkstemp [call site] 00026
1 write [call site] 00027
1 ptls_load_certificates [function] [call site] 00028
2 ptls_load_pem_objects [function] [call site] 00029
3 fopen [call site] 00030
3 ptls_buffer_init [function] [call site] 00031
4 __assert_fail [call site] 00032
3 ptls_get_pem_object [function] [call site] 00033
4 fgets [call site] 00034
4 ptls_compare_separator_line [function] [call site] 00035
5 strncmp [call site] 00036
5 strlen [call site] 00037
5 strncmp [call site] 00038
5 strlen [call site] 00039
5 strncmp [call site] 00040
5 strncmp [call site] 00041
4 ptls_base64_decode_init [function] [call site] 00042
4 fgets [call site] 00043
4 ptls_compare_separator_line [function] [call site] 00044
4 ptls_base64_decode [function] [call site] 00045
5 ptls_buffer__do_pushv [function] [call site] 00046
6 ptls_buffer_reserve [function] [call site] 00047
7 ptls_buffer_reserve_aligned [function] [call site] 00048
8 posix_memalign [call site] 00049
8 ptls_buffer__release_memory [function] [call site] 00050
3 ptls_buffer_dispose [function] [call site] 00051
4 ptls_buffer__release_memory [function] [call site] 00052
3 ptls_buffer_dispose [function] [call site] 00053
3 fclose [call site] 00054
1 ptls_minicrypto_load_private_key [function] [call site] 00055
2 ptls_pem_parse_private_key [function] [call site] 00056
3 ptls_load_pem_objects [function] [call site] 00057
3 ptls_minicrypto_asn1_decode_private_key [function] [call site] 00058
4 ptls_asn1_get_expected_type_and_length [function] [call site] 00059
4 ptls_asn1_error_message [function] [call site] 00060
4 ptls_asn1_error_message [function] [call site] 00061
4 ptls_asn1_error_message [function] [call site] 00062
4 ptls_asn1_get_expected_type_and_length [function] [call site] 00063
4 ptls_asn1_get_expected_type_and_length [function] [call site] 00064
4 ptls_asn1_dump_content [function] [call site] 00065
4 ptls_asn1_validation_recursive [function] [call site] 00066
4 ptls_asn1_error_message [function] [call site] 00067
4 ptls_asn1_get_expected_type_and_length [function] [call site] 00068
4 ptls_asn1_validation_recursive [function] [call site] 00069
4 ptls_asn1_error_message [function] [call site] 00070
2 memcmp [call site] 00071
2 ptls_set_ecdsa_private_key [function] [call site] 00072
3 ptls_asn1_get_expected_type_and_length [function] [call site] 00073
3 ptls_asn1_error_message [function] [call site] 00074
3 ptls_asn1_dump_content [function] [call site] 00075
3 ptls_asn1_get_expected_type_and_length [function] [call site] 00076
3 ptls_asn1_error_message [function] [call site] 00077
3 ptls_asn1_error_message [function] [call site] 00078
3 ptls_asn1_error_message [function] [call site] 00079
3 ptls_asn1_get_expected_type_and_length [function] [call site] 00080
3 memcmp [call site] 00081
3 ptls_iovec_init [function] [call site] 00082
3 ptls_minicrypto_init_secp256r1sha256_sign_certificate [function] [call site] 00083
1 close [call site] 00084
1 unlink [call site] 00085