Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enable fuzzing of key exchange (#5066) 

* enable null cipher for fuzz tests

* hook key exchange fuzzer into build

Co-authored-by: Damien Miller <djm@google.com>
This commit is contained in:
Damien Miller 2021-01-29 11:51:47 +11:00 committed by GitHub
parent de2ecf8553
commit 62f70575c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
projects/openssh/build.sh
View File

@ -15,6 +15,10 @@
#
################################################################################
# Enable null cipher
mv cipher.c _cipher.c
sed 's/#define CFLAG_INTERNAL.*/#define CFLAG_INTERNAL 0/' _cipher.c > cipher.c
# Build project
autoreconf
env
@ -25,34 +29,39 @@ env CFLAGS="" ./configure \
make -j$(nproc) all
# Build fuzzers
EXTRA_CFLAGS="-DCIPHER_NONE_AVAIL=1"
STATIC_CRYPTO="-Wl,-Bstatic -lcrypto -Wl,-Bdynamic"
COMMON=ssh-sk-null.o
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/ssh-sk-null.cc -c -o ssh-sk-null.o
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/pubkey_fuzz.cc -o $OUT/pubkey_fuzz \
-lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO $LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/privkey_fuzz.cc -o $OUT/privkey_fuzz \
-lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO $LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/sig_fuzz.cc -o $OUT/sig_fuzz \
-lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO $LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/authopt_fuzz.cc -o $OUT/authopt_fuzz \
auth-options.o -lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO \
$LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/sshsig_fuzz.cc -o $OUT/sshsig_fuzz \
sshsig.o -lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO \
$LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 -I. -L. -Lopenbsd-compat -g \
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/sshsigopt_fuzz.cc -o $OUT/sshsigopt_fuzz \
sshsig.o -lssh -lopenbsd-compat $COMMON $STATIC_CRYPTO \
$LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -std=c++11 $EXTRA_CFLAGS -I. -L. -Lopenbsd-compat -g \
regress/misc/fuzz-harness/kex_fuzz.cc -o $OUT/kex_fuzz \
-lssh -lopenbsd-compat -lz $COMMON $STATIC_CRYPTO \
$LIB_FUZZING_ENGINE
# Prepare seed corpora
CASES="$SRC/openssh-fuzz-cases"
@ -62,3 +71,4 @@ CASES="$SRC/openssh-fuzz-cases"
(set -e ; cd ${CASES}/authopt ; zip -r $OUT/authopt_fuzz_seed_corpus.zip .)
(set -e ; cd ${CASES}/sshsig ; zip -r $OUT/sshsig_fuzz_seed_corpus.zip .)
(set -e ; cd ${CASES}/sshsigopt ; zip -r $OUT/sshsigopt_fuzz_seed_corpus.zip .)
(set -e ; cd ${CASES}/kex ; zip -r $OUT/kex_fuzz_seed_corpus.zip .)