diff --git a/common-kex.c b/common-kex.c index 90a9308c3..7da3fb724 100644 --- a/common-kex.c +++ b/common-kex.c @@ -949,7 +949,7 @@ static void read_kex_algos() { ses.newkeys->trans.algo_comp = s2c_comp_algo->val; } -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { fuzz_kex_fakealgos(); } diff --git a/common-session.c b/common-session.c index 539a53fe2..037a78dba 100644 --- a/common-session.c +++ b/common-session.c @@ -75,7 +75,7 @@ void common_session_init(int sock_in, int sock_out) { ses.last_packet_time_any_sent = 0; ses.last_packet_time_keepalive_sent = 0; -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (!fuzz.fuzzing) #endif { @@ -158,7 +158,7 @@ void session_loop(void(*loophandler)(void)) { /* We get woken up when signal handlers write to this pipe. SIGCHLD in svr-chansession is the only one currently. */ -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (!fuzz.fuzzing) #endif { diff --git a/configure.ac b/configure.ac index 4f54cf23c..58ddcfcc2 100644 --- a/configure.ac +++ b/configure.ac @@ -12,7 +12,7 @@ AC_CONFIG_SRCDIR(buffer.c) # Record which revision is being built if which -s hg && test -d "$srcdir/.hg"; then hgrev=`hg id -i -R "$srcdir"` - echo "Source directory Mercurial base revision $hgrev" + AC_MSG_NOTICE([Source directory Mercurial base revision $hgrev]) fi # Checks for programs. @@ -330,6 +330,7 @@ AC_ARG_ENABLE(fuzz, DROPBEAR_FUZZ=1 ], [ + AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing) DROPBEAR_FUZZ=0 ] diff --git a/dbrandom.c b/dbrandom.c index 1907834ba..7d2e118a7 100644 --- a/dbrandom.c +++ b/dbrandom.c @@ -145,7 +145,7 @@ void addrandom(const unsigned char * buf, unsigned int len) { hash_state hs; -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing || fuzz.recordf) { return; } @@ -163,7 +163,7 @@ void addrandom(const unsigned char * buf, unsigned int len) static void write_urandom() { -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing || fuzz.recordf) { return; } 
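Review bot: In the configure.ac revision-recording hunk, the context line `if which -s hg && test -d "$srcdir/.hg"; then` relies on `-s`, which not every `which` implements (GNU which has no such option). On those hosts the test fails and the Mercurial revision is silently never reported, with the old `echo` or with the new `AC_MSG_NOTICE`. `if command -v hg >/dev/null 2>&1 && test -d "$srcdir/.hg"; then` is the portable form.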
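Review bot: In the configure.ac `AC_ARG_ENABLE(fuzz, ...)` hunk, the added `AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing)` makes the macro defined in every build, so any `#ifdef DROPBEAR_FUZZ` or `#if defined(DROPBEAR_FUZZ)` that this commit did not convert is now true in a default, non-fuzz build. A leftover test whose body references `fuzz.` would presumably stop compiling, since the contents of fuzz.h are guarded out at 0, but one that does not (the `fuzz_signkey_names` export in signkey.c has that shape) would be compiled into release binaries with no diagnostic. Only the converted sites are visible here, so a tree-wide search for the old spellings should accompany the change, and the define deserves a comment such as `# DROPBEAR_FUZZ is always defined as 0 or 1; test it with #if, never #ifdef`. The `AC_ARG_ENABLE` call starts and ends outside the hunk, so how an explicit `--disable-fuzz` is handled cannot be checked from here.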
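Review bot: In dbrandom.c `addrandom()`, the early `return` taken when `fuzz.fuzzing` or `fuzz.recordf` is set carries no comment saying that a fuzz-enabled build skips adding entropy to the random pool. The same undocumented guard appears in the `write_urandom()` and `seedrandom()` hunks, and in the `checkmac()` hunk in packet.c, where the existing comment indicates the fuzz branch decides the MAC outcome. These are the security-critical places the flag touches, so each guard should say so, for example `/* fuzz builds only: seeding is skipped so runs are reproducible; such a binary must never be deployed */`. Reproducibility as the reason is inferred from the fuzzing context rather than stated in the visible lines, so the author should confirm the wording. All four function bodies continue outside their hunks.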
@@ -181,7 +181,7 @@ static void write_urandom() #endif } -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ void fuzz_seed(void) { hash_state hs; sha1_init(&hs); @@ -203,7 +203,7 @@ void seedrandom() { struct timeval tv; clock_t clockval; -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing || fuzz.recordf) { return; } diff --git a/dbutil.c b/dbutil.c index 73c7cb255..8b9880a7f 100644 --- a/dbutil.c +++ b/dbutil.c @@ -120,7 +120,7 @@ static void generic_dropbear_exit(int exitcode, const char* format, _dropbear_log(LOG_INFO, fmtbuf, param); -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ // longjmp before cleaning up svr_opts if (fuzz.do_jmp) { longjmp(fuzz.jmp, 1); @@ -532,7 +532,7 @@ void setnonblocking(int fd) { TRACE(("setnonblocking: %d", fd)) -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { return; } @@ -629,7 +629,7 @@ static clockid_t get_linux_clock_source() { #endif time_t monotonic_now() { -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { /* time stands still when fuzzing */ return 5; diff --git a/fuzz-common.c b/fuzz-common.c index 8403a7b5a..08041e2d9 100644 --- a/fuzz-common.c +++ b/fuzz-common.c @@ -42,21 +42,21 @@ int fuzz_set_input(const uint8_t *Data, size_t Size) { return DROPBEAR_SUCCESS; } -static void fuzz_dropbear_log(int UNUSED(priority), const char* format, va_list param) { - - char printbuf[1024]; - #if DEBUG_TRACE +static void fuzz_dropbear_log(int UNUSED(priority), const char* format, va_list param) { if (debug_trace) { + char printbuf[1024]; vsnprintf(printbuf, sizeof(printbuf), format, param); fprintf(stderr, "%s\n", printbuf); } -#endif } +#else +static void fuzz_dropbear_log(int UNUSED(priority), const char* UNUSED(format), va_list UNUSED(param)) { + /* No print */ +} +#endif /* DEBUG_TRACE */ void fuzz_svr_setup(void) { - struct passwd *pw; - fuzz_common_setup(); _dropbear_exit = svr_dropbear_exit; diff --git a/fuzz.h b/fuzz.h index 756913077..dd37c15fe 100644 --- a/fuzz.h +++ b/fuzz.h 
@@ -2,7 +2,7 @@ #define DROPBEAR_FUZZ_H #include "config.h" -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ #include "includes.h" #include "buffer.h" diff --git a/netio.c b/netio.c index 6c12b08dd..62fdc727a 100644 --- a/netio.c +++ b/netio.c @@ -361,7 +361,7 @@ void set_sock_priority(int sock, enum dropbear_prio prio) { int so_prio_val = 0; #endif -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { TRACE(("fuzzing skips set_sock_prio")) return; diff --git a/packet.c b/packet.c index 6349d0d15..0d718c595 100644 --- a/packet.c +++ b/packet.c @@ -77,7 +77,7 @@ void write_packet() { /* This may return EAGAIN. The main loop sometimes calls write_packet() without bothering to test with select() since it's likely to be necessary */ -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { // pretend to write one packet at a time // TODO(fuzz): randomise amount written based on the fuzz input @@ -105,7 +105,7 @@ void write_packet() { } #else /* No writev () */ -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ _Static_assert(0, "No fuzzing code for no-writev writes"); #endif /* Get the next buffer in the queue of encrypted packets to write*/ @@ -366,7 +366,7 @@ static int checkmac() { buf_setpos(ses.readbuf, 0); make_mac(ses.recvseq, &ses.keys->recv, ses.readbuf, contents_len, mac_bytes); -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing) { // fail 1 in 2000 times to test error path. // note that mac_bytes is all zero prior to kex, so don't test ==0 ! diff --git a/signkey.c b/signkey.c index 6eda18599..88f06c762 100644 --- a/signkey.c +++ b/signkey.c @@ -628,7 +628,7 @@ int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, } #endif -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ const char * const * fuzz_signkey_names = signkey_names; #endif diff --git a/svr-auth.c b/svr-auth.c index 7b400d1d7..bc893f99e 100644 --- a/svr-auth.c +++ b/svr-auth.c 
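Review bot: In the no-writev branch of `write_packet()` in packet.c, `_Static_assert(0, "No fuzzing code for no-writev writes");` uses a C11 construct to reject a configuration that the preprocessor has already selected. A pre-C11 compiler would report a syntax error instead of the intended message. `#error "No fuzzing code for no-writev writes"` fails at the preprocessing stage with the same text and works with any compiler. The function body starts and ends outside the hunk.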
@@ -312,7 +312,7 @@ static int checkusername(const char *username, unsigned int userlen) { return DROPBEAR_FAILURE; } } -#endif HAVE_GETGROUPLIST +#endif TRACE(("shell is %s", ses.authstate.pw_shell)) @@ -395,7 +395,7 @@ void send_msg_userauth_failure(int partial, int incrfail) { genrandom((unsigned char*)&delay, sizeof(delay)); /* We delay for 300ms +- 50ms */ delay = 250000 + (delay % 100000); -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (!fuzz.fuzzing) { usleep(delay); } diff --git a/svr-authpubkey.c b/svr-authpubkey.c index 8905ac9cb..0ca0ea41f 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -473,7 +473,7 @@ static int checkfileperm(char * filename) { return DROPBEAR_SUCCESS; } -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ int fuzz_checkpubkey_line(buffer* line, int line_num, char* filename, const char* algo, unsigned int algolen, const unsigned char* keyblob, unsigned int keybloblen) { diff --git a/svr-kex.c b/svr-kex.c index daed9d4b0..406ad971b 100644 --- a/svr-kex.c +++ b/svr-kex.c @@ -179,7 +179,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) { } #endif -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ if (fuzz.fuzzing && fuzz.skip_kexmaths) { fuzz_fake_send_kexdh_reply(); return; diff --git a/svr-session.c b/svr-session.c index b097ff28e..9b513ee71 100644 --- a/svr-session.c +++ b/svr-session.c @@ -185,7 +185,7 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) { session_cleanup(); } -#ifdef DROPBEAR_FUZZ +#if DROPBEAR_FUZZ // longjmp before cleaning up svr_opts if (fuzz.do_jmp) { longjmp(fuzz.jmp, 1);
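Review bot: In the svr-auth.c `checkusername()` hunk, the new bare `#endif` drops the only hint of which conditional it closes, and the opening directive is outside the hunk. Removing the stray token is right, since bare text after `#endif` is not valid, but the label can be kept as a comment: `#endif /* HAVE_GETGROUPLIST */`. That assumes the old label named the matching `#ifdef` correctly.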