Add a flag whether to longjmp, missed that last commit
--HG--
branch : fuzz
mkj committed Jun 1, 2017
1 parent ea0e23c commit 81b64ea
Showing 5 changed files with 7 additions and 3 deletions.
2 changes: 1 addition & 1 deletion dbutil.c
Expand Up @@ -122,7 +122,7 @@ static void generic_dropbear_exit(int exitcode, const char* format,

#ifdef DROPBEAR_FUZZ
// longjmp before cleaning up svr_opts
if (fuzz.fuzzing) {
if (fuzz.do_jmp) {
longjmp(fuzz.jmp, 1);
}
#endif
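Review bot: The new guard `if (fuzz.do_jmp)` does not establish that `fuzz.jmp` currently holds a live `setjmp()` context, and `longjmp()` into a buffer that was never set, or whose frame has already returned, is undefined behaviour. The same guard is repeated in `svr_dropbear_exit()` in svr-session.c. I would state the invariant in the comment at both sites, e.g. `// longjmp before cleaning up svr_opts; do_jmp may only be set while fuzz.jmp is armed by setjmp()`, and keep the old condition as a second check: `if (fuzz.fuzzing && fuzz.do_jmp) {`. The body of `generic_dropbear_exit()` continues outside the hunk, so what runs when `do_jmp` is 0 is not visible here.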
1 change: 1 addition & 0 deletions fuzz-common.c
Expand Up @@ -17,6 +17,7 @@ static void load_fixed_hostkeys(void);
void common_setup_fuzzer(void) {
fuzz.fuzzing = 1;
fuzz.wrapfds = 1;
fuzz.do_jmp = 1;
fuzz.input = m_malloc(sizeof(buffer));
_dropbear_log = fuzz_dropbear_log;
crypto_init();
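Review bot: Defaulting `fuzz.do_jmp = 1;` in `common_setup_fuzzer()` enables the `longjmp()` path for every harness before any of them has called `setjmp()`; in this same commit fuzzer-preauth.c keeps its `setjmp(fuzz.jmp)` block under `#if 0` and has to clear the flag again by hand. A safer default is `fuzz.do_jmp = 0;` here, with each harness raising the flag immediately before its own `setjmp()` call. Whether other harnesses rely on the default is not visible from this page. The function body continues outside the hunk.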
1 change: 1 addition & 0 deletions fuzz.h
Expand Up @@ -49,6 +49,7 @@ struct dropbear_fuzz_options {
int wrapfds;

// dropbear_exit() jumps back
int do_jmp;
sigjmp_buf jmp;

uid_t pw_uid;
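Review bot: `do_jmp` was inserted between the comment `// dropbear_exit() jumps back` and the `jmp` buffer that comment described, so neither field now says when the jump is valid. Suggested wording: `// nonzero: dropbear_exit() longjmps to jmp instead of continuing its normal exit path; set only while jmp is armed` above `do_jmp`, and `// context saved by the harness with setjmp() before running a session` above `jmp`. Separately, `jmp` is declared `sigjmp_buf` while the call sites on this page use plain `longjmp()` and `setjmp()`; POSIX pairs `sigjmp_buf` with `sigsetjmp()`/`siglongjmp()`, so either the type should be `jmp_buf` or the calls should change. The struct definition starts and ends outside the hunk.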
4 changes: 3 additions & 1 deletion fuzzer-preauth.c
Expand Up @@ -12,6 +12,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
static int once = 0;
if (!once) {
setup_fuzzer();
// XXX temporarily disable setjmp to debug asan segv
fuzz.do_jmp = 0;
once = 1;
}

Expand Down Expand Up @@ -40,7 +42,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
wrapfd_add(fakesock, fuzz.input, PLAIN);

m_malloc_set_epoch(1);
// temporarily disable setjmp to debug asan segv
// XXX temporarily disable setjmp to debug asan segv
svr_session(fakesock, fakesock);
#if 0
if (setjmp(fuzz.jmp) == 0) {
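Review bot: `fuzz.do_jmp = 0;` sits inside the `if (!once)` block while the matching `setjmp(fuzz.jmp)` is disabled further down under `#if 0`, so the two halves of this debug switch can be re-enabled independently and drift apart. When the `#if 0` is lifted, the flag should be raised next to the `setjmp()` it depends on, e.g. `fuzz.do_jmp = 1;` on the line before `if (setjmp(fuzz.jmp) == 0) {`, and the override in the `once` block dropped. While the flag is 0, an exit inside `svr_session()` takes the non-jump path in `svr_dropbear_exit()`, which presumably ends the process and with it the fuzzing run; that path is outside the visible hunks. The second `// XXX temporarily disable setjmp to debug asan segv` comment would also be clearer directly above the `#if 0` it refers to rather than above `svr_session(fakesock, fakesock);`. `LLVMFuzzerTestOneInput()` continues past the end of the hunk.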
2 changes: 1 addition & 1 deletion svr-session.c
Expand Up @@ -185,7 +185,7 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) {

#ifdef DROPBEAR_FUZZ
// longjmp before cleaning up svr_opts
if (fuzz.fuzzing) {
if (fuzz.do_jmp) {
longjmp(fuzz.jmp, 1);
}
#endif
