authorAlex Gaynor <alex.gaynor@gmail.com>2016-12-12 08:09:49 -0500
committerAlex Gaynor <alex.gaynor@gmail.com>2016-12-15 08:07:31 -0500
commit9f0d1335b4f04e37ac38f14a8406de1f77b25e97 (patch)
treeab2ccce45d45de84060f685fb012f09f5fce5227
parent83e659a2a4ea9a9cf540e3bdcde7afaf15334f66 (diff)
Migrated fuzzers from the oss-repo to here.
Also added a new private_key_parser fuzzer.
-rw-r--r--fuzz/README.md4
-rw-r--r--fuzz/gnutls_client_fuzzer.cc73
-rw-r--r--fuzz/gnutls_private_key_parser_fuzzer.cc41
-rw-r--r--fuzz/gnutls_x509_parser_fuzzer.cc47
4 files changed, 165 insertions, 0 deletions
diff --git a/fuzz/README.md b/fuzz/README.md
new file mode 100644
index 0000000000..c215f75d0d
--- /dev/null
+++ b/fuzz/README.md
@@ -0,0 +1,4 @@
+# Fuzzers
+
+These are fuzzers designed for use with `libFuzzer`. Currently they are
+primarily run on Google's OSS-Fuzz (https://github.com/google/oss-fuzz/).
diff --git a/fuzz/gnutls_client_fuzzer.cc b/fuzz/gnutls_client_fuzzer.cc
new file mode 100644
index 0000000000..b155ca5edf
--- /dev/null
+++ b/fuzz/gnutls_client_fuzzer.cc
@@ -0,0 +1,73 @@
+/*
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+*/
+
+#include <assert.h>
+#include <fcntl.h>
+#include <stdint.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+#include <gnutls/gnutls.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ int res;
+ gnutls_session_t session;
+ gnutls_certificate_credentials_t xcred;
+
+ int socket_fds[2];
+ res = socketpair(AF_UNIX, SOCK_STREAM, 0, socket_fds);
+ assert(res >= 0);
+ ssize_t send_res = send(socket_fds[1], data, size, 0);
+ assert(send_res == size);
+ res = shutdown(socket_fds[1], SHUT_WR);
+ assert(res == 0);
+
+ res = gnutls_init(&session, GNUTLS_CLIENT);
+ assert(res >= 0);
+
+ res = gnutls_certificate_allocate_credentials(&xcred);
+ assert(res >= 0);
+ res = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
+ assert(res >= 0);
+
+ res = gnutls_set_default_priority(session);
+ assert(res >= 0);
+
+ gnutls_transport_set_int(session, socket_fds[0]);
+
+ do {
+ res = gnutls_handshake(session);
+ } while (res < 0 && gnutls_error_is_fatal(res) == 0);
+ if (res >= 0) {
+ while (true) {
+ char buf[16384];
+ res = gnutls_record_recv(session, buf, sizeof(buf));
+ if (res <= 0) {
+ break;
+ }
+ }
+ }
+
+ close(socket_fds[0]);
+ close(socket_fds[1]);
+ gnutls_deinit(session);
+ gnutls_certificate_free_credentials(xcred);
+ return 0;
+}
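Review bot: The whole input is pushed with one blocking `send()` on the socketpair before anything reads from the other end, so an input larger than the kernel socket buffer would presumably block there and show up as a fuzzer timeout instead of exercising the handshake; `assert(send_res == size)` also compares `ssize_t` with `size_t`. Feeding the session from memory through `gnutls_transport_set_pull_function` and `gnutls_transport_set_push_function` removes the descriptors and the size limit. It also keeps environmental failures, such as fd exhaustion in `socketpair`, from being reported as library crashes. The sketch below needs `<string.h>`, and depending on the GnuTLS version a pull-timeout callback may have to be set as well. Separately, `<fcntl.h>` is included but nothing in the file uses it.

```cpp
struct mem_input {
	const uint8_t *data;
	size_t size;
};

// Hands the fuzz input to GnuTLS; returns 0 (EOF) once it is consumed.
static ssize_t mem_pull(gnutls_transport_ptr_t ptr, void *buf, size_t len) {
	struct mem_input *in = (struct mem_input *)ptr;
	size_t n = len < in->size ? len : in->size;
	memcpy(buf, in->data, n);
	in->data += n;
	in->size -= n;
	return (ssize_t)n;
}

// Discards everything the client writes during the handshake.
static ssize_t mem_push(gnutls_transport_ptr_t, const void *, size_t len) {
	return (ssize_t)len;
}

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
	struct mem_input in = { data, size };
	// … unchanged: gnutls_init, credentials, default priority …
	gnutls_transport_set_ptr(session, &in);
	gnutls_transport_set_pull_function(session, mem_pull);
	gnutls_transport_set_push_function(session, mem_push);
	// … unchanged: handshake and record_recv loops, deinit (the close() calls go away) …
```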
diff --git a/fuzz/gnutls_private_key_parser_fuzzer.cc b/fuzz/gnutls_private_key_parser_fuzzer.cc
new file mode 100644
index 0000000000..63d8163fa7
--- /dev/null
+++ b/fuzz/gnutls_private_key_parser_fuzzer.cc
@@ -0,0 +1,41 @@
+/*
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+*/
+
+#include <assert.h>
+#include <stdint.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ gnutls_datum_t raw;
+ gnutls_x509_privkey_t key;
+ int ret;
+
+ raw.data = (unsigned char *)data;
+ raw.size = size;
+
+ ret = gnutls_x509_privkey_init(&key);
+ assert(ret >= 0);
+
+ ret = gnutls_x509_privkey_import(key, &raw, GNUTLS_X509_FMT_DER);
+
+ gnutls_x509_privkey_deinit(key);
+ return 0;
+}
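Review bot: The result of `gnutls_x509_privkey_import` is stored in `ret` and never read, so the page does not say whether ignoring it is deliberate. Dropping the assignment and adding a comment such as `/* Import failure is expected for most inputs; only crashes and sanitizer reports matter. */` would make the intent explicit. `raw.size = size;` also narrows `size_t` to the `unsigned int` field of `gnutls_datum_t` without a cast, and the same assignment appears in gnutls_x509_parser_fuzzer.cc. An explicit `(unsigned int)` cast or an early `if (size > UINT_MAX) return 0;` would document that the truncation is accepted.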
diff --git a/fuzz/gnutls_x509_parser_fuzzer.cc b/fuzz/gnutls_x509_parser_fuzzer.cc
new file mode 100644
index 0000000000..28dc3397fc
--- /dev/null
+++ b/fuzz/gnutls_x509_parser_fuzzer.cc
@@ -0,0 +1,47 @@
+/*
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+*/
+
+#include <assert.h>
+#include <stdint.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ gnutls_datum_t raw;
+ gnutls_datum_t out;
+ gnutls_x509_crt_t crt;
+ int ret;
+
+ raw.data = (unsigned char *)data;
+ raw.size = size;
+
+ ret = gnutls_x509_crt_init(&crt);
+ assert(ret >= 0);
+
+ ret = gnutls_x509_crt_import(crt, &raw, GNUTLS_X509_FMT_DER);
+ if (ret >= 0) {
+ ret = gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_FULL, &out);
+ assert(ret >= 0);
+ gnutls_free(out.data);
+ }
+
+ gnutls_x509_crt_deinit(crt);
+ return 0;
+}
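Review bot: `out` is left uninitialised and `gnutls_free(out.data)` runs unconditionally after `gnutls_x509_crt_print`, relying on `assert(ret >= 0)` to stop on failure. In a build with `NDEBUG` the assert disappears and a failed print would free an indeterminate pointer. If the assert is meant as an oracle (every certificate that imports must also print), a comment above it should say so; otherwise replace it with `if (ret >= 0) gnutls_free(out.data);`. Initialising with `gnutls_datum_t out = { NULL, 0 };` is cheap in either case.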