diff options
Diffstat (limited to 'src/test')
| -rw-r--r-- | src/test/fuzz/dict/hsdescv3 | 6 | ||||
| -rw-r--r-- | src/test/fuzz/fuzz_hsdescv3.c | 72 | ||||
| -rw-r--r-- | src/test/fuzz/include.am | 5 | ||||
| -rw-r--r-- | src/test/test_hs_intropoint.c | 20 |
4 files changed, 91 insertions, 12 deletions
diff --git a/src/test/fuzz/dict/hsdescv3 b/src/test/fuzz/dict/hsdescv3 new file mode 100644 index 0000000000..84e8db578a --- /dev/null +++ b/src/test/fuzz/dict/hsdescv3 @@ -0,0 +1,6 @@ +"hs-descriptor" +"descriptor-lifetime" +"descriptor-signing-key-cert" +"revision-counter" +"superencrypted" +"signature" diff --git a/src/test/fuzz/fuzz_hsdescv3.c b/src/test/fuzz/fuzz_hsdescv3.c new file mode 100644 index 0000000000..3fd21148f4 --- /dev/null +++ b/src/test/fuzz/fuzz_hsdescv3.c @@ -0,0 +1,72 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define ROUTERPARSE_PRIVATE +#define HS_DESCRIPTOR_PRIVATE + +#include "or.h" +#include "ed25519_cert.h" /* Trunnel interface. */ +#include "crypto_ed25519.h" +#include "hs_descriptor.h" +#include "routerparse.h" +#include "util.h" + +#include "fuzzing.h" + +static void +mock_dump_desc__nodump(const char *desc, const char *type) +{ + (void)desc; + (void)type; +} + +static int +mock_rsa_ed25519_crosscert_check(const uint8_t *crosscert, + const size_t crosscert_len, + const crypto_pk_t *rsa_id_key, + const ed25519_public_key_t *master_key, + const time_t reject_if_expired_before) +{ + (void) crosscert; + (void) crosscert_len; + (void) rsa_id_key; + (void) master_key; + (void) reject_if_expired_before; + return 0; +} + +int +fuzz_init(void) +{ + disable_signature_checking(); + MOCK(dump_desc, mock_dump_desc__nodump); + MOCK(rsa_ed25519_crosscert_check, mock_rsa_ed25519_crosscert_check); + ed25519_init(); + return 0; +} + +int +fuzz_cleanup(void) +{ + return 0; +} + +int +fuzz_main(const uint8_t *data, size_t sz) +{ + hs_descriptor_t *desc = NULL; + + char *fuzzing_data = tor_memdup_nulterm(data, sz); + + hs_desc_decode_descriptor(fuzzing_data, NULL, &desc); + if (desc) { + log_debug(LD_GENERAL, "Decoding okay"); + hs_descriptor_free(desc); + } else { + log_debug(LD_GENERAL, "Decoding failed"); + } + + tor_free(fuzzing_data); + return 0; +} + diff --git a/src/test/fuzz/include.am b/src/test/fuzz/include.am index d90e8283f2..8a043cd76e 100644 --- a/src/test/fuzz/include.am +++ b/src/test/fuzz/include.am @@ -17,8 +17,9 @@ FUZZING_LIBS = \ src/trunnel/libor-trunnel-testing.a \ $(rust_ldadd) \ @TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \ - @TOR_LIBEVENT_LIBS@ @TOR_OPENSSL_LIBS@ \ - @TOR_LIB_WS32@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ @CURVE25519_LIBS@ \ + @TOR_LIBEVENT_LIBS@ \ + @TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ \ + @CURVE25519_LIBS@ \ @TOR_SYSTEMD_LIBS@ \ @TOR_LZMA_LIBS@ \ @TOR_ZSTD_LIBS@ diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 2c8f780089..2cce8a3703 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -48,10 +48,10 @@ new_establish_intro_cell(const char *circ_nonce, ip = service_intro_point_new(NULL, 0); tt_assert(ip); cell_len = hs_cell_build_establish_intro(circ_nonce, ip, buf); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); cell_len = trn_cell_establish_intro_parse(&cell, buf, sizeof(buf)); - tt_int_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); tt_assert(cell); *cell_out = cell; @@ -71,7 +71,7 @@ new_establish_intro_encoded_cell(const char *circ_nonce, uint8_t *cell_out) ip = service_intro_point_new(NULL, 0); tt_assert(ip); cell_len = hs_cell_build_establish_intro(circ_nonce, ip, cell_out); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); done: service_intro_point_free(ip); @@ -184,7 +184,7 @@ test_establish_intro_wrong_purpose(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we attempt to parse it. */ cell_len = new_establish_intro_encoded_cell(circ_nonce, cell_body); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); /* Receive the cell. Should fail. */ setup_full_capture_of_logs(LOG_INFO); @@ -250,7 +250,7 @@ test_establish_intro_wrong_keytype2(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we * attempt to parse it. */ cell_len = new_establish_intro_encoded_cell(circ_nonce, cell_body); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); /* Mutate the auth key type! :) */ cell_body[0] = 42; @@ -286,7 +286,7 @@ test_establish_intro_wrong_mac(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we * attempt to parse it. */ cell_len = new_establish_intro_cell(circ_nonce, &cell); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); tt_assert(cell); /* Mangle one byte of the MAC. */ @@ -307,7 +307,7 @@ test_establish_intro_wrong_mac(void *arg) /* Encode payload so we can sign it. */ cell_len = trn_cell_establish_intro_encode(cell_body, sizeof(cell_body), cell); - tt_int_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); retval = ed25519_sign_prefixed(&sig, cell_body, cell_len - @@ -321,7 +321,7 @@ test_establish_intro_wrong_mac(void *arg) /* Re-encode with the new signature. */ cell_len = trn_cell_establish_intro_encode(cell_body, sizeof(cell_body), cell); - tt_int_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); } /* Receive the cell. Should fail because our MAC is wrong. */ @@ -358,7 +358,7 @@ test_establish_intro_wrong_auth_key_len(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we * attempt to parse it. */ cell_len = new_establish_intro_cell(circ_nonce, &cell); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); tt_assert(cell); /* Mangle the auth key length. */ @@ -403,7 +403,7 @@ test_establish_intro_wrong_sig_len(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we * attempt to parse it. */ cell_len = new_establish_intro_cell(circ_nonce, &cell); - tt_u64_op(cell_len, OP_GT, 0); + tt_i64_op(cell_len, OP_GT, 0); tt_assert(cell); /* Mangle the signature length. */ |