Fuzz introspector: fuzz_keyring
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
267 327 22 :

['pgp_cipher_cfb_decrypt(pgp_crypt_t*, unsigned char*, unsigned char const*, unsigned long)', 'std::__1::vector >::vector(unsigned long, unsigned char const&)', 'pgp_cipher_cfb_start(pgp_crypt_t*, pgp_symm_alg_t, unsigned char const*, unsigned char const*)', 'rnp::secure_array ::data()', 'fputs', 'rnp::secure_array ::~secure_array()', 'std::__1::vector >::~vector[abi:ne180100]()', '__cxa_end_catch', '__clang_call_terminate', 'pgp_cipher_cfb_finish(pgp_crypt_t*)', 'rnp_log_switch()', 'rnp::secure_array ::secure_array()', 'pgp_key_size(pgp_symm_alg_t)', 'pgp_s2k_derive_key(pgp_s2k_t*, char const*, unsigned char*, int)', 'std::__1::vector >::data[abi:ne180100]()', '__cxa_begin_catch', 'fputc', 'decrypt_secret_key_v3(pgp_crypt_t*, unsigned char*, unsigned char const*, unsigned long)', 'fwrite', 'std::__1::vector >::empty[abi:ne180100]() const', 'std::__1::vector >::size[abi:ne180100]() const', 'is_rsa_key_alg(pgp_pubkey_alg_t)']

267 456 decrypt_secret_key(pgp_key_pkt_t*,charconst*) call site: 00000 /src/rnp/src/librepgp/stream-key.cpp:477
78 299 4 :

['signature_hash_key(pgp_key_pkt_t const&, rnp::Hash&, pgp_version_t)', 'pgp_key_pkt_t::pgp_key_pkt_t(pgp_key_pkt_t const&, bool)', 'pgp_key_pkt_t::~pgp_key_pkt_t()', 'pgp_key_pkt_t::fill_hashed_data()']

78 299 signature_hash_key(pgp_key_pkt_tconst&,rnp::Hash&,pgp_version_t) call site: 00000 /src/rnp/src/librepgp/stream-sig.cpp:54
78 78 1 :

['pgp_key_pkt_t::fill_hashed_data()']

86 345 pgp_key_pkt_t::write(pgp_dest_t&) call site: 00000 /src/rnp/src/librepgp/stream-key.cpp:842
62 62 3 :

['std::__1::vector >::data[abi:ne180100]() const', 'pgp_sphincsplus_public_key_t::verify(pgp_sphincsplus_signature_t const*, unsigned char const*, unsigned long) const', 'std::__1::vector >::size[abi:ne180100]() const']

62 62 pgp::SlhdsaKeyMaterial::verify(rnp::SecurityContextconst&,pgp::SigMaterialconst&,std::__1::vector >const&)const call site: 00000 /src/rnp/src/lib/key_material.cpp:2001
14 23 7 :

['__cxa_throw', 'fputc', 'std::invalid_argument::invalid_argument[abi:ne180100](char const*)', '__cxa_allocate_exception', '__cxa_free_exception', 'fwrite', 'rnp_log_switch()']

26 68 rnp::Key::Key(rnp::Keyconst&,bool) call site: 00000 /src/rnp/src/lib/key.cpp:447
14 23 7 :

['__cxa_throw', 'fputc', 'std::invalid_argument::invalid_argument[abi:ne180100](char const*)', '__cxa_allocate_exception', '__cxa_free_exception', 'fwrite', 'rnp_log_switch()']

14 23 rnp::KeyStore::KeyStore(std::__1::basic_string ,std::__1::allocator >const&,rnp::SecurityContext&,rnp::KeyFormat) call site: 00000 /src/rnp/src/librekey/rnp_key_store.cpp:714
9 9 1 :

['dst_finish(pgp_dest_t*)']

9 9 dst_close(pgp_dest_t*,bool) call site: 00000 /src/rnp/src/librepgp/stream-common.cpp:728
8 34 7 :

['__cxa_throw', '__cxa_allocate_exception', 'rnp::rnp_exception::rnp_exception(unsigned int)', 'rnp_log_switch()', 'fwrite', 'rnp::Source::~Source()', 'fputc']

8 34 rnp::ArmoredSource::ArmoredSource(pgp_source_t&,unsignedint) call site: 00000 /src/rnp/src/librepgp/stream-armor.cpp:1161
8 21 6 :

['__cxa_throw', 'fputc', '__cxa_allocate_exception', 'rnp::rnp_exception::rnp_exception(unsigned int)', 'fwrite', 'rnp_log_switch()']

10 23 (anonymousnamespace)::grip_hash_ec(rnp::Hash&,pgp::ec::Keyconst&) call site: 00000 /src/rnp/src/lib/key_material.cpp:111
8 21 6 :

['__cxa_throw', 'fputc', '__cxa_allocate_exception', 'rnp::rnp_exception::rnp_exception(unsigned int)', 'fwrite', 'rnp_log_switch()']

8 21 (anonymousnamespace)::grip_hash_ecc_hex(rnp::Hash&,charconst*,char) call site: 00000 /src/rnp/src/lib/key_material.cpp:71
8 21 6 :

['__cxa_throw', 'fputc', '__cxa_allocate_exception', 'rnp::rnp_exception::rnp_exception(unsigned int)', 'fwrite', 'rnp_log_switch()']

8 21 pgp_key_pkt_t::make_s2k_params(pgp_packet_body_t&) call site: 00000 /src/rnp/src/librepgp/stream-key.cpp:821
6 6 1 :

['pgp_s2k_encode_iterations(unsigned long)']

6 10 pgp_packet_body_t::add(pgp_s2k_tconst&) call site: 00000 /src/rnp/src/librepgp/stream-packet.cpp:832

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 rnp_input_from_memory [call site] 00001
1 rnp_ffi_create [call site] 00002
1 rnp_load_keys [call site] 00003
1 rnp_input_destroy [call site] 00004
1 rnp_ffi_destroy [call site] 00005