[gnutls-devel] libtasn1 | fuzz: add fuzzers for asn1_get_length_b/der (!65)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu May 7 18:29:37 CEST 2020




Dmitry Baryshkov commented on a discussion on fuzz/asn1_get_length_ber_fuzzer.c: https://gitlab.com/gnutls/libtasn1/-/merge_requests/65#note_338430373

> + * You should have received a copy of the GNU Lesser General Public License
> + * along with libtasn1.  If not, see <https://www.gnu.org/licenses/>.
> + *
> + * This fuzzer is testing asn1_get_length_ber()'s robustness with arbitrary
> + * input data.
> + */
> +
> +#include <config.h>
> +
> +#include "libtasn1.h"
> +#include "fuzzer.h"
> +
> +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
> +{
> +	int ret_len;
> +

I did not limit it mostly because of BER indefinite length parsing

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/65#note_338430373
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200507/ae8634d2/attachment.html>


More information about the Gnutls-devel mailing list