From 438ceeb5dde7339d077cd232407c072f20f4d83d Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 4 Jan 2017 09:42:25 +0100 Subject: tests: added reproducer for server issues This allows to reproduce issues found on server side, by adding a transcript in server-interesting. Currently it contains values found using oss-fuzz. Signed-off-by: Nikos Mavrogiannopoulos --- devel/fuzz/README.md | 2 +- devel/fuzz/gnutls_server_fuzzer.cc | 6 +- tests/Makefile.am | 6 +- tests/server-interesting/server1.raw | Bin 0 -> 441 bytes tests/server.c | 113 +++++++++++++++++++++++++++++++++++ 5 files changed, 123 insertions(+), 4 deletions(-) create mode 100644 tests/server-interesting/server1.raw create mode 100644 tests/server.c diff --git a/devel/fuzz/README.md b/devel/fuzz/README.md index 5471255e71..476fca09da 100644 --- a/devel/fuzz/README.md +++ b/devel/fuzz/README.md @@ -37,6 +37,7 @@ sufficient: |---------------------------|-------------------------| |gnutls_client_fuzzer | tests/client-interesting| +|gnutls_server_fuzzer | tests/server-interesting| |gnutls_pkcs7_parser_fuzzer | tests/pkcs7-interesting | |gnutls_x509_parser_fuzzer | tests/certs-interesting | |---------------------------|-------------------------| @@ -49,5 +50,4 @@ table below. |gnutls_openpgp_cert_parser_fuzzer|tests/cert-tests/openpgp-cert-parser | |gnutls_pkcs8_key_parser_fuzzer |tests/key-tests/pkcs8-invalid,tests/key-tests/pkcs8-decode| |gnutls_private_key_parser_fuzzer |tests/key-tests/key-invalid | -|gnutls_server_fuzzer |none atm (should duplicate the client fuzzer) | |---------------------------------|----------------------------------------------------------| diff --git a/devel/fuzz/gnutls_server_fuzzer.cc b/devel/fuzz/gnutls_server_fuzzer.cc index e864f10354..1d1f87d195 100644 --- a/devel/fuzz/gnutls_server_fuzzer.cc +++ b/devel/fuzz/gnutls_server_fuzzer.cc @@ -194,7 +194,11 @@ static const uint8_t kRSAPrivateKeyDER[] = { 0x98, 0x46, 0x89, 0x82, 0x40, }; -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { +#ifdef __cplusplus +extern "C" +#endif +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ int res; gnutls_datum_t cert, key; gnutls_session_t session; diff --git a/tests/Makefile.am b/tests/Makefile.am index f34e5994cb..d0ce446390 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -39,7 +39,8 @@ EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \ certs-interesting/cert6.der certs-interesting/cert7.der certs-interesting/cert8.der \ certs-interesting/cert3.der.err certs-interesting/cert4.der pkcs7-interesting/pkcs7-1.der \ pkcs7-interesting/pkcs7-1.der.err pkcs7-interesting/pkcs7-2.der pkcs7-interesting/pkcs7-2.der.err \ - client-interesting/client1.raw client-interesting/client2.raw client-interesting/client3.disabled + client-interesting/client1.raw client-interesting/client2.raw client-interesting/client3.disabled \ + server-interesting/server1.raw AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) AM_CPPFLAGS = \ @@ -324,7 +325,8 @@ TESTS_ENVIRONMENT = \ if WANT_TEST_SUITE -ctests += client +# These require the devel/fuzz directory which is not available on releases +ctests += client server LOG_COMPILER = $(VALGRIND) endif diff --git a/tests/server-interesting/server1.raw b/tests/server-interesting/server1.raw new file mode 100644 index 0000000000..4149fc4e42 Binary files /dev/null and b/tests/server-interesting/server1.raw differ diff --git a/tests/server.c b/tests/server.c new file mode 100644 index 0000000000..4067bb827e --- /dev/null +++ b/tests/server.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * Copyright 2016 Alex Gaynor, Google Inc. + * + * Author: Nikos Mavrogiannopoulos, Alex Gaynor + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include +#include +#include +#include +#include + +#include "utils.h" + +#define true 1 + +/* This program will load certificates from CERT_DIR and try to print + * them. If CERT_DIR/certname.err is available, it should contain the + * error code that gnutls_x509_crt_import() should return. + */ + +#define CERT_DIR "server-interesting" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static int getnext(DIR **dirp, gnutls_datum_t *der) +{ + struct dirent *d; + char path[256]; + char cert_dir[256]; + const char *src; + int ret; + + src = getenv("srcdir"); + if (src == NULL) + src = "."; + + snprintf(cert_dir, sizeof(cert_dir), "%s/%s", src, CERT_DIR); + + if (*dirp == NULL) { + *dirp = opendir(cert_dir); + if (*dirp == NULL) + return -1; + } + + do { + d = readdir(*dirp); + if (d != NULL +#ifdef _DIRENT_HAVE_D_TYPE + && d->d_type == DT_REG +#endif + ) { + if (strstr(d->d_name, ".raw") == 0) + continue; + snprintf(path, sizeof(path), "%s/%s", cert_dir, d->d_name); + + success("Loading %s\n", path); + ret = gnutls_load_file(path, der); + if (ret < 0) { + return -1; + } + + return 0; + } + } while(d != NULL); + + closedir(*dirp); + return -1; /* finished */ +} + +#include "../devel/fuzz/gnutls_server_fuzzer.cc" + +void doit(void) +{ + int ret; + gnutls_datum_t raw; + DIR *dirp = NULL; + + ret = global_init(); + if (ret < 0) + fail("init %d\n", ret); + + while (getnext(&dirp, &raw)==0) { + LLVMFuzzerTestOneInput(raw.data, raw.size); + gnutls_free(raw.data); + raw.data = NULL; + raw.size = 0; + } + + gnutls_global_deinit(); +} -- cgit v1.2.1