| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-11-11 | Fix mock_crypto_pk_public_checksig__nocheck() to handle short RSA keys | Nick Mathewson | |
| This function -- a mock replacement used only for fuzzing -- would have a buffer overflow if it got an RSA key whose modulus was under 20 bytes long. Fortunately, Tor itself does not appear to have a bug here. Fixes bug 24247; bugfix on 0.3.0.3-alpha when fuzzing was introduced. Found by OSS-Fuzz; this is OSS-Fuzz issue 4177. | |||
| 2017-11-06 | Fix a memory leak on decryption non-failure of v3 hsdesc | Nick Mathewson | |
| If it decrypts something that turns out to start with a NUL byte, then decrypt_desc_layer() will return 0 to indicate the length of its result. But 0 also indicates an error, which causes the result not to be freed by decrypt_desc_layer()'s callers. Since we're trying to stabilize 0.3.2.x, I've opted for the simpler possible fix here and made it so that an empty decrypted string will also count as an error. Fixes bug 24150 and OSS-Fuzz issue 3994. The original bug was present but unreachable in 0.3.1.1-alpha. I'm calling this a bugfix on 0.3.2.1-alpha since that's the first version where you could actually try to decrypt these descriptors. | |||
| 2017-10-31 | Merge branch 'bug24082_032' into maint-0.3.2 | Nick Mathewson | |
| 2017-10-30 | Initialize the mock options in the fuzzing code | Nick Mathewson | |
| Fixes bug 24082; bugfix on 0.3.0.3-alpha. Found by Brian Carpenter. | |||
| 2017-10-27 | In the hsdescv3 fuzzer, replace the decryption function. | Nick Mathewson | |
| The new decryption function performs no decryption, skips the salt, and doesn't check the mac. This allows us to fuzz the hs_descriptor.c code using unencrypted descriptor test, and exercise more of the code. Related to 21509. | |||
| 2017-10-26 | fuzzing: Make hsdescv3 use the decoding API correctly | David Goulet | |
| Fixes #21509 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
| 2017-10-26 | Revert "Temporarily disable compilation of the v3 hs fuzzing code" | David Goulet | |
| This reverts commit 5ef656e7d1b1e1e74c46bd02ce8faaa1d8d09403. | |||
| 2017-09-05 | Resolve inconsistencies between buf refactor and HTTP connect | Nick Mathewson | |
| 2017-09-05 | Merge branch 'http_tunnel_squashed' | Nick Mathewson | |
| 2017-09-05 | Add a fuzzer for HTTP CONNECT | Nick Mathewson | |
| 2017-08-28 | Temporarily disable compilation of the v3 hs fuzzing code | Nick Mathewson | |
| Turns out, it wasn't up-to-date with the latest v3 hs API :( | |||
| 2017-08-28 | Fix compilation. | Nick Mathewson | |
| 2017-08-28 | Merge remote-tracking branch 'haxxpop/fuzzing-hsv3' | Nick Mathewson | |
| 2017-08-21 | 22839: Build tor with rust enabled on win | Ties Stuij | |
| - make tor_util static library name configurable - fix Rust libary dependency order for Windows | |||
| 2017-08-13 | Fuzz outer layer of hsv3 descriptor | Suphanat Chunhapanya | |
| The code in fuzz_hsdescv3.c fuzzes the unencrypted layer of the hsv3 descriptor. We need to fuzz the encrypted layer later. | |||
| 2017-06-19 | Remove hardwired libfuzzer path; closes 22105. | Nick Mathewson | |
| 2017-05-19 | Merge branch 'add_rust_squashed' | Nick Mathewson | |
| 2017-05-03 | bug#22143/prop#140: identify input diffs by their digest-as-signed | Nick Mathewson | |
| See may 3 changes to prop140 for more background. | |||
| 2017-04-29 | Add --enable-rust configure switch | Sebastian Hahn | |
| Introduce a way to optionally enable Rust integration for our builds. No actual Rust code is added yet and specifying the flag has no effect other than failing the build if rustc and cargo are unavailable. | |||
| 2017-04-27 | Clean up mentions of 'zlib' and rename the mentions to 'compressed'. | Alexander Færøy | |
| This patch cleans up in various places where 'zlib' is mentioned. | |||
| 2017-04-25 | Use atomic counters for compressor allocation. | Nick Mathewson | |
| 2017-04-25 | Add --enable-zstd to our configure script. | Alexander Færøy | |
| This patch adds support for enabling support for Zstandard to our configure script. By default, the --enable-zstd option is set to "auto" which means if libzstd is available we'll build Tor with Zstandard support. See: https://bugs.torproject.org/21662 | |||
| 2017-04-25 | Add --enable-lzma to our configure script. | Alexander Færøy | |
| This patch adds support for enabling support for LZMA to our configure script. By default, the --enable-lzma option is set to "auto" which means if liblzma is available we'll build Tor with LZMA support. See: https://bugs.torproject.org/21662 | |||
| 2017-03-16 | Generate src/test/fuzz/include.am from a script | Nick Mathewson | |
| It was very error-prone to maintain this by hand. | |||
| 2017-03-16 | Merge branch 'prop140_21643_diff_only_squashed' | Nick Mathewson | |
| 2017-03-16 | Add fuzzers for consensus diff backend code | Nick Mathewson | |
| This takes two fuzzers: one which generates a diff and makes sure it works, and one which applies a diff. So far, they won't crash, but there's a bug in my string-manipulation code someplace that I'm having to work around, related to the case where you have a blank line at the end of a file, or where you diff a file with itself. | |||
| 2017-03-15 | Run the copyright update script. | Nick Mathewson | |
| 2017-02-14 | Rename make fuzz to make test-fuzz-corpora | Nick Mathewson | |
| 2017-02-01 | Fix a memory-leak in fuzz_vrs.c | Nick Mathewson | |
| 2017-01-30 | Don't use %zu in fuzz-http: windows doesn't like it. | Nick Mathewson | |
| 2017-01-30 | Update documentation and testing integration for fuzzing | Nick Mathewson | |
| 2017-01-30 | Fix a pair of compilation errors. | Nick Mathewson | |
| 2017-01-30 | Fix memory leak on zero-length input on fuzz_http.c | Nick Mathewson | |
| 2017-01-30 | memory leak in fuzz_vrs | Nick Mathewson | |
| 2017-01-30 | actually build .as for fuzzing | Nick Mathewson | |
| 2017-01-30 | missing backslash | Nick Mathewson | |
| 2017-01-30 | differently build oss fuzzers | Nick Mathewson | |
| 2017-01-30 | More oss-fuzz fixes | Nick Mathewson | |
| 2017-01-30 | Try to refactor OSS fuzzers into static libraries. | Nick Mathewson | |
| 2017-01-30 | libfuzzer tweaks per recommendations | Nick Mathewson | |
| 2017-01-30 | routerstatus fuzzing | Nick Mathewson | |
| 2017-01-30 | Add libfuzzer support. | Nick Mathewson | |
| 2017-01-30 | Three more fuzzers: consensus, hsdesc, intro points | Nick Mathewson | |
| 2017-01-30 | Tools for working with directories of fuzzed stuff. | Nick Mathewson | |
| 2017-01-30 | fuzzing: Add copyright notices and whitespace fixes | Nick Mathewson | |
| 2017-01-30 | Add microdesc format fuzzer. | Nick Mathewson | |
| 2017-01-30 | Addition to test cases: make sure fuzzer binaries allow known cases | Nick Mathewson | |
| This isn't fuzzing per se, so much as replaying the highlights of past fuzzer runs. | |||
| 2017-01-30 | Add extrainfo fuzzer | Nick Mathewson | |
| 2017-01-30 | Try to tweak fuzzing.md to correspond to my changes | Nick Mathewson | |
| 2017-01-30 | Guide fuzzing by adding standard tor GET and POST testcases | teor | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| aboutsummaryrefslogtreecommitdiff |