author | Matt Johnston <matt@ucc.asn.au> | 2020-10-23 23:32:44 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2020-10-23 23:32:44 +0800 |
commit | cb252296c56bad82a053bd2de056d489505101be (patch) | |
tree | df40cf7b41111e8564996d6798e256f6faa1c981 | |
parent | f37def57b089a884df51072cb24e830701ecbeaa (diff) |
Add some more variation to fuzzer random number generation
-rw-r--r-- | dbrandom.c | 3 | ||||
-rw-r--r-- | fuzz.h | 2 | ||||
-rw-r--r-- | fuzz/fuzz-common.c | 4 |
3 files changed, 5 insertions, 4 deletions
@@ -150,10 +150,11 @@ static void write_urandom()
 }
 #if DROPBEAR_FUZZ
-void fuzz_seed(void) {
+void fuzz_seed(const unsigned char* dat, unsigned int len) {
 hash_state hs;
 sha1_init(&hs);
 sha1_process(&hs, "fuzzfuzzfuzz", strlen("fuzzfuzzfuzz"));
+ sha1_process(&hs, dat, len);
 sha1_done(&hs, hashpool);
 counter = 0;
@@ -29,7 +29,7 @@ int fuzz_checkpubkey_line(buffer* line, int line_num, char* filename, const char* algo, unsigned int algolen, const unsigned char* keyblob, unsigned int keybloblen);
 extern const char * const * fuzz_signkey_names;
-void fuzz_seed(void);
+void fuzz_seed(const unsigned char* dat, unsigned int len);
 // helpers
 void fuzz_get_socket_address(int fd, char **local_host, char **local_port,
diff --git a/fuzz/fuzz-common.c b/fuzz/fuzz-common.c
index 60dab21..a158691 100644
--- a/fuzz/fuzz-common.c
+++ b/fuzz/fuzz-common.c
@@ -25,7 +25,7 @@ void fuzz_common_setup(void) {
 fuzz.input = m_malloc(sizeof(buffer));
 _dropbear_log = fuzz_dropbear_log;
 crypto_init();
- fuzz_seed();
+ fuzz_seed("start", 5);
 /* let any messages get flushed */
 setlinebuf(stdout);
 }
@@ -42,7 +42,7 @@ int fuzz_set_input(const uint8_t *Data, size_t Size) {
 memset(&cli_ses, 0x0, sizeof(cli_ses));
 wrapfd_setup(fuzz.input);
- fuzz_seed();
+ fuzz_seed(fuzz.input->data, MIN(fuzz.input->len, 16));
 return DROPBEAR_SUCCESS;
 } |
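Review bot: fuzz_seed() in the dbrandom.c hunk carries no comment saying that the pool is now derived only from the fixed string "fuzzfuzzfuzz" plus the caller's bytes, so the generator's output is fully predictable for a given input. A header comment such as `/* Fuzzing only: seeds the RNG deterministically from dat so runs are reproducible; must stay behind DROPBEAR_FUZZ */` would make that contract explicit for the next maintainer. The added `sha1_process(&hs, dat, len);` also forwards dat unchecked; whether a NULL pointer with len 0 is acceptable depends on sha1_process, which is not visible here. The function body continues past the end of the hunk.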
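Review bot: In fuzz_common_setup, `fuzz_seed("start", 5);` passes a plain `char` string literal where the new prototype takes `const unsigned char*`, which compilers commonly report as a pointer-signedness mismatch, and the length 5 is hand-counted. Writing it as `fuzz_seed((const unsigned char*)"start", strlen("start"));` makes the conversion explicit and keeps the length tied to the literal, matching the `strlen("fuzzfuzzfuzz")` style already used inside fuzz_seed.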
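Review bot: In fuzz_set_input, only the first 16 bytes of the input reach the seed through `fuzz_seed(fuzz.input->data, MIN(fuzz.input->len, 16));`, so every input sharing a 16-byte prefix gets the same random stream, and the 16 is an unexplained constant. If the short prefix is deliberate (for example to keep the stream stable while later bytes are mutated), say so with a comment like `/* seed from a short prefix only; inputs sharing it get identical RNG output */`; otherwise pass `fuzz.input->len` so the whole input contributes. The call also relies on fuzz.input->data and fuzz.input->len already describing Data and Size, which is presumably set up earlier in the function, outside the visible lines of this hunk.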