From 5b891b0c36b9cf6efe1c8873e34f2fc114a686d3 Mon Sep 17 00:00:00 2001 From: Luke Date: Sat, 13 Feb 2021 05:10:22 +0000 Subject: Lagom/Fuzzers: Add RSA key parser fuzzer First issue: #5317 --- Meta/Lagom/Fuzzers/CMakeLists.txt | 1 + Meta/Lagom/Fuzzers/FuzzRSAKeyParsing.cpp | 36 ++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 Meta/Lagom/Fuzzers/FuzzRSAKeyParsing.cpp diff --git a/Meta/Lagom/Fuzzers/CMakeLists.txt b/Meta/Lagom/Fuzzers/CMakeLists.txt index 9fe96e001d..1309581e4b 100644 --- a/Meta/Lagom/Fuzzers/CMakeLists.txt +++ b/Meta/Lagom/Fuzzers/CMakeLists.txt @@ -33,6 +33,7 @@ add_simple_fuzzer(FuzzRegexPosixExtended) add_simple_fuzzer(FuzzShell) add_simple_fuzzer(FuzzTTF) add_simple_fuzzer(FuzzURL) +add_simple_fuzzer(FuzzRSAKeyParsing) if (NOT ENABLE_OSS_FUZZ) set(CMAKE_EXE_LINKER_FLAGS "${ORIGINAL_CMAKE_EXE_LINKER_FLAGS} -fsanitize=address") diff --git a/Meta/Lagom/Fuzzers/FuzzRSAKeyParsing.cpp b/Meta/Lagom/Fuzzers/FuzzRSAKeyParsing.cpp new file mode 100644 index 0000000000..fd50ac7d3b --- /dev/null +++ b/Meta/Lagom/Fuzzers/FuzzRSAKeyParsing.cpp @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2021, the SerenityOS developers. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + ByteBuffer rsa_data = ByteBuffer::copy(data, size); + Crypto::PK::RSA::parse_rsa_key(rsa_data); + return 0; +} -- cgit v1.2.3