gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2026-02-28 06:23:08 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(fuzzing): Add initial set of fuzzing targets

Browse Source 
These targets can be used with rust nightly and cargo-fuzz to fuzz
several bits of Rosenpass's API. Fuzzing is an automated way of
exploring code paths that may not be hit in unit tests or normal
operation. For example the `handle_msg` target exposed the DoS condition
fixed in 0.2.1.

The other targets focus on the FFI with libsodium and liboqs.

Co-authored-by: Karolin Varner <karo@cupdev.net>
This commit is contained in:
Morgan Hill
2023-11-19 16:52:44 +01:00
committed by Karolin Varner
parent 86300ca936
commit a49254a021
10 changed files with 1501 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
fuzzing/fuzz_targets/handle_msg.rs Normal file
View File

@@ -0,0 +1,19 @@
#![no_main]
extern crate rosenpass;
use libfuzzer_sys::fuzz_target;
use rosenpass::coloring::Secret;
use rosenpass::protocol::CryptoServer;
use rosenpass_sodium::init as sodium_init;
fuzz_target!(|rx_buf: &[u8]| {
sodium_init().unwrap();
let sk = Secret::from_slice(&[0; 13568]);
let pk = Secret::from_slice(&[0; 524160]);
let mut cs = CryptoServer::new(sk, pk);
let mut tx_buf = [0; 10240];
cs.handle_msg(rx_buf, &mut tx_buf).unwrap();
});