[gnutls-devel] libtasn1 | fuzz: add fuzzers for asn1_get_length_b/der (!65)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu May 7 18:24:33 CEST 2020




Tim Rühsen started a new discussion on fuzz/asn1_get_length_ber_fuzzer.c: https://gitlab.com/gnutls/libtasn1/-/merge_requests/65#note_338427676

> + * You should have received a copy of the GNU Lesser General Public License
> + * along with libtasn1.  If not, see <https://www.gnu.org/licenses/>.
> + *
> + * This fuzzer is testing asn1_get_length_ber()'s robustness with arbitrary
> + * input data.
> + */
> +
> +#include <config.h>
> +
> +#include "libtasn1.h"
> +#include "fuzzer.h"
> +
> +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
> +{
> +	int ret_len;
> +

We should always limit the size here to avoid excessive wasting of CPU for nothing. Whatever makes, it could be like `if (size < 1024) return 0;`. But maybe even 512 is good enough. The smaller we can make it, the faster is the fuzzer in finding issues.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/65#note_338427676
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200507/6992cc20/attachment.html>


More information about the Gnutls-devel mailing list