Fuzz introspector: wget_netrc_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
725 2055 19 :

['gnutls_crypto_single_digest_register', 'read_cpuid_vals', '_gnutls_log', 'padlock_capability', 'check_avx_movbe', 'check_padlock', '_gnutls_priority_update_non_aesni', 'check_ssse3', 'check_phe_sha512', 'check_sha', 'capabilities_to_intel_cpuid', 'gnutls_crypto_single_cipher_register', 'check_optimized_aes', 'check_phe_partial', 'gnutls_crypto_single_mac_register', 'check_phe', 'capabilities_to_zhaoxin_edx', 'check_pclmul', 'check_fast_pclmul']

725 2055 register_x86_padlock_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:388
472 472 12 :

['fseek', 'pthread_rwlock_wrlock', 'cfg_apply', 'ini_parse_file', 'gnutls_strerror', 'ini_ctx_deinit', 'construct_system_wide_priority_string', 'fclose', '_name_val_array_clear', 'fopen', '_gnutls_buffer_clear', 'update_system_wide_priority_string']

604 604 _gnutls_update_system_priorities call site: 00000 /src/gnutls/lib/priority.c:2314
340 344 3 :

['stat', 'rpl_free', 'parse_netrc']

344 348 search_netrc call site: 00004 /src/wget/src/netrc.c:112
48 48 1 :

['capabilities_to_intel_cpuid']

440 1304 register_x86_intel_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:911
45 835 9 :

['abort', 'mbsinit', 'strlen', 'rpl_mbrtowc', 'gettext_quote', 'iswprint', 'memcmp', '__ctype_b_loc', 'quotearg_buffer_restyled']

45 835 quotearg_buffer_restyled call site: 00071 /src/wget/lib/quotearg.c:730
26 26 1 :

['xpalloc']

42 740 quotearg_n_options call site: 00038 /src/wget/lib/quotearg.c:880
18 18 1 :

['_gnutls_asn2err']

40 40 _gnutls_global_init call site: 00000 /src/gnutls/lib/global.c:293
16 16 1 :

['_asn1_delete_list_and_nodes']

16 16 asn1_array2tree call site: 00000 /src/gnutls/lib/minitasn1/structure.c:272
12 12 2 :

['atoi', '_gnutls_log']

22 1558 lib_init call site: 00000 /src/gnutls/lib/global.c:503
10 10 1 :

['_gnutls_log']

10 10 register_x86_intel_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:1170
10 10 1 :

['_gnutls_log']

10 10 _algo_register call site: 00000 /src/gnutls/lib/crypto-backend.c:67
10 10 1 :

['_gnutls_log']

10 10 _algo_register call site: 00000 /src/gnutls/lib/crypto-backend.c:87

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 fmemopen [call site] 00001
1 dup [call site] 00002
1 _setjmp [call site] 00003
1 search_netrc [function] [call site] 00004
2 parse_netrc_fp [function] [call site] 00005
3 getline [call site] 00006
3 c_isspace [function] [call site] 00007
3 c_isspace [function] [call site] 00008
3 shift_left [function] [call site] 00009
3 c_isspace [function] [call site] 00010
3 shift_left [function] [call site] 00011
3 shift_left [function] [call site] 00012
3 rpl_free [function] [call site] 00013
4 __errno_location [call site] 00014
4 __errno_location [call site] 00015
3 xstrdup [function] [call site] 00016
4 strlen [call site] 00017
4 xmemdup [function] [call site] 00018
5 xmalloc [function] [call site] 00019
6 nonnull [function] [call site] 00020
7 xalloc_die [function] [call site] 00021
8 dgettext [call site] 00022
8 abort [call site] 00023
3 maybe_add_to_list [function] [call site] 00024
4 rpl_free [function] [call site] 00025
4 rpl_free [function] [call site] 00026
4 rpl_free [function] [call site] 00027
4 xmalloc [function] [call site] 00028
3 xstrdup [function] [call site] 00029
3 rpl_free [function] [call site] 00030
3 xstrdup [function] [call site] 00031
3 gettext [call site] 00032
3 quote [function] [call site] 00033
4 quote_n [function] [call site] 00034
5 quote_n_mem [function] [call site] 00035
6 quotearg_n_options [function] [call site] 00036
7 __errno_location [call site] 00037
7 abort [call site] 00038
7 xpalloc [function] [call site] 00039
8 xalloc_die [function] [call site] 00040
8 xrealloc [function] [call site] 00041
9 realloc [call site] 00042
9 xalloc_die [function] [call site] 00043
7 quotearg_buffer_restyled [function] [call site] 00044
8 __ctype_get_mb_cur_max [call site] 00045
8 gettext_quote [function] [call site] 00046
9 dgettext [call site] 00047
9 locale_charset [function] [call site] 00048
10 nl_langinfo [call site] 00049
9 c_strcasecmp [function] [call site] 00050
10 c_tolower [function] [call site] 00051
10 c_tolower [function] [call site] 00052
9 c_strcasecmp [function] [call site] 00053
8 gettext_quote [function] [call site] 00054
8 strlen [call site] 00055
8 abort [call site] 00056
8 strlen [call site] 00057
8 memcmp [call site] 00058
8 __ctype_b_loc [call site] 00059
8 strlen [call site] 00060
8 rpl_mbrtowc [function] [call site] 00061
9 mbrtowc [call site] 00062
9 hard_locale [function] [call site] 00063
10 setlocale_null_r [function] [call site] 00064
11 setlocale_null_unlocked [function] [call site] 00065
12 setlocale_null_androidfix [function] [call site] 00066
13 setlocale [call site] 00067
12 strlen [call site] 00068
10 strcmp [call site] 00069
8 iswprint [call site] 00070
8 mbsinit [call site] 00071
8 quotearg_buffer_restyled [function] [call site] 00072
9 quotearg_buffer_restyled [function] [call site] 00073
7 rpl_free [function] [call site] 00074
7 xcharalloc [function] [call site] 00075
8 xmalloc [function] [call site] 00076
7 quotearg_buffer_restyled [function] [call site] 00077
7 __errno_location [call site] 00078
3 strcmp [call site] 00079
3 strcmp [call site] 00080
3 maybe_add_to_list [function] [call site] 00081
3 strcmp [call site] 00082
3 strcmp [call site] 00083
3 strcmp [call site] 00084
3 strcmp [call site] 00085
3 strcmp [call site] 00086
3 strcmp [call site] 00087
3 gettext [call site] 00088
3 rpl_free [function] [call site] 00089
3 maybe_add_to_list [function] [call site] 00090
3 rpl_free [function] [call site] 00091
2 aprintf [function] [call site] 00092
3 vasprintf [call site] 00093
3 __errno_location [call site] 00094
3 memfatal [function] [call site] 00095
4 log_set_save_context [function] [call site] 00096
4 gettext [call site] 00097
4 logprintf [function] [call site] 00098
5 __errno_location [call site] 00099
5 check_redirect_output [function] [call site] 00100
6 tcgetpgrp [call site] 00101
6 getpgrp [call site] 00102
6 redirect_output [function] [call site] 00103
7 fprintf [call site] 00104
7 unique_create [function] [call site] 00105
8 unique_name [function] [call site] 00106
9 file_exists_p [function] [call site] 00107
10 __errno_location [call site] 00108
10 stat [call site] 00109
10 getuid [call site] 00110
10 group_member [call site] 00111
10 __errno_location [call site] 00112
10 __errno_location [call site] 00113
9 xstrdup [function] [call site] 00114
8 fopen_excl [function] [call site] 00115
9 open [call site] 00116
9 fdopen [call site] 00117
8 __errno_location [call site] 00118
8 rpl_free [function] [call site] 00119
8 unique_name [function] [call site] 00120
8 rpl_free [function] [call site] 00121
8 rpl_free [function] [call site] 00122
7 gettext [call site] 00123
7 quote [function] [call site] 00124
7 log_dump_context [function] [call site] 00125
8 get_log_fp [function] [call site] 00126
8 get_warc_log_fp [function] [call site] 00127
8 fputs [call site] 00128
8 fputs [call site] 00129
8 fputs [call site] 00130
8 fputs [call site] 00131
8 rpl_fflush [function] [call site] 00132
9 __freading [call site] 00133
9 fflush [call site] 00134
9 clear_ungetc_buffer_preserving_position [function] [call site] 00135
10 rpl_fseeko [function] [call site] 00136
11 fileno [call site] 00137
11 fseeko [call site] 00138
9 fflush [call site] 00139
8 rpl_fflush [function] [call site] 00140
7 gettext [call site] 00141
7 __errno_location [call site] 00142
7 gettext [call site] 00143
7 quote [function] [call site] 00144
7 log_dump_context [function] [call site] 00145
7 log_dump_context [function] [call site] 00146
6 redirect_output [function] [call site] 00147
5 __errno_location [call site] 00148
5 log_vprintf_internal [function] [call site] 00149
6 get_log_fp [function] [call site] 00150
6 get_warc_log_fp [function] [call site] 00151
6 vfprintf [call site] 00152
6 vsnprintf [call site] 00153
6 xrealloc [function] [call site] 00154
6 xrealloc [function] [call site] 00155
6 saved_append [function] [call site] 00156
7 strchr [call site] 00157
7 strlen [call site] 00158
7 saved_append_1 [function] [call site] 00159
8 free_log_line [function] [call site] 00160
9 rpl_free [function] [call site] 00161
8 strdupdelim [function] [call site] 00162
9 xmalloc [function] [call site] 00163
9 xstrdup [function] [call site] 00164
8 strlen [call site] 00165
8 xrealloc [function] [call site] 00166
8 strlen [call site] 00167
8 xmalloc [function] [call site] 00168
6 fputs [call site] 00169
6 fputs [call site] 00170
6 rpl_free [function] [call site] 00171
6 logflush [function] [call site] 00172
7 get_log_fp [function] [call site] 00173
7 get_warc_log_fp [function] [call site] 00174
7 rpl_fflush [function] [call site] 00175
7 rpl_fflush [function] [call site] 00176
5 __errno_location [call site] 00177
5 exit_wget [function] [call site] 00178
4 gettext [call site] 00179
4 logprintf [function] [call site] 00180
4 exit_wget [function] [call site] 00181
2 stat [call site] 00182
2 parse_netrc [function] [call site] 00183
3 fopen_wget [function] [call site] 00184
4 fopen [call site] 00185
3 gettext [call site] 00186
3 __errno_location [call site] 00187
3 parse_netrc_fp [function] [call site] 00188
3 fclose [call site] 00189
2 rpl_free [function] [call site] 00190
2 strcasecmp [call site] 00191
2 strcmp [call site] 00192
1 netrc_cleanup [function] [call site] 00193
2 free_netrc [function] [call site] 00194
3 rpl_free [function] [call site] 00195
3 rpl_free [function] [call site] 00196
3 rpl_free [function] [call site] 00197
3 rpl_free [function] [call site] 00198
1 search_netrc [function] [call site] 00199
1 netrc_cleanup [function] [call site] 00200
1 fclose [call site] 00201
1 dup2 [call site] 00202