123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197 |
- /* Copyright (c) 2016-2019, The Tor Project, Inc. */
- /* See LICENSE for licensing information */
- #define CRYPTO_ED25519_PRIVATE
- #include "orconfig.h"
- #include "core/or/or.h"
- #include "lib/err/backtrace.h"
- #include "app/config/config.h"
- #include "test/fuzz/fuzzing.h"
- #include "lib/compress/compress.h"
- #include "lib/crypt_ops/crypto_ed25519.h"
- #include "lib/crypt_ops/crypto_init.h"
- static or_options_t *mock_options = NULL;
- static const or_options_t *
- mock_get_options(void)
- {
- return mock_options;
- }
- static int
- mock_crypto_pk_public_checksig__nocheck(const crypto_pk_t *env, char *to,
- size_t tolen,
- const char *from, size_t fromlen)
- {
- tor_assert(env && to && from);
- (void)fromlen;
- /* We could look at from[0..fromlen-1] ... */
- tor_assert(tolen >= crypto_pk_keysize(env));
- size_t siglen = MIN(20, crypto_pk_keysize(env));
- memset(to, 0x01, siglen);
- return (int)siglen;
- }
- static int
- mock_crypto_pk_public_checksig_digest__nocheck(crypto_pk_t *env,
- const char *data,
- size_t datalen,
- const char *sig,
- size_t siglen)
- {
- tor_assert(env && data && sig);
- (void)datalen;
- (void)siglen;
- /* We could look at data[..] and sig[..] */
- return 0;
- }
- static int
- mock_ed25519_checksig__nocheck(const ed25519_signature_t *signature,
- const uint8_t *msg, size_t len,
- const ed25519_public_key_t *pubkey)
- {
- tor_assert(signature && msg && pubkey);
- /* We could look at msg[0..len-1] ... */
- (void)len;
- return 0;
- }
- static int
- mock_ed25519_checksig_batch__nocheck(int *okay_out,
- const ed25519_checkable_t *checkable,
- int n_checkable)
- {
- tor_assert(checkable);
- int i;
- for (i = 0; i < n_checkable; ++i) {
- /* We could look at messages and signatures XXX */
- tor_assert(checkable[i].pubkey);
- tor_assert(checkable[i].msg);
- if (okay_out)
- okay_out[i] = 1;
- }
- return 0;
- }
- static int
- mock_ed25519_impl_spot_check__nocheck(void)
- {
- return 0;
- }
- void
- disable_signature_checking(void)
- {
- MOCK(crypto_pk_public_checksig,
- mock_crypto_pk_public_checksig__nocheck);
- MOCK(crypto_pk_public_checksig_digest,
- mock_crypto_pk_public_checksig_digest__nocheck);
- MOCK(ed25519_checksig, mock_ed25519_checksig__nocheck);
- MOCK(ed25519_checksig_batch, mock_ed25519_checksig_batch__nocheck);
- MOCK(ed25519_impl_spot_check, mock_ed25519_impl_spot_check__nocheck);
- }
- static void
- global_init(void)
- {
- tor_threads_init();
- tor_compress_init();
- /* Initialise logging first */
- init_logging(1);
- configure_backtrace_handler(get_version());
- if (crypto_global_init(0, NULL, NULL) < 0)
- abort();
- {
- struct sipkey sipkey = { 1337, 7331 };
- siphash_unset_global_key();
- siphash_set_global_key(&sipkey);
- }
- /* set up the options. */
- mock_options = tor_malloc_zero(sizeof(or_options_t));
- MOCK(get_options, mock_get_options);
- /* Make BUG() and nonfatal asserts crash */
- tor_set_failed_assertion_callback(abort);
- /* Make protocol warnings handled correctly. */
- init_protocol_warning_severity_level();
- }
- #ifdef LLVM_FUZZ
- int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
- int
- LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
- {
- static int initialized = 0;
- if (!initialized) {
- global_init();
- if (fuzz_init() < 0)
- abort();
- initialized = 1;
- }
- return fuzz_main(Data, Size);
- }
- #else /* Not LLVM_FUZZ, so AFL. */
- int
- main(int argc, char **argv)
- {
- size_t size;
- global_init();
- /* Disable logging by default to speed up fuzzing. */
- int loglevel = LOG_ERR;
- for (int i = 1; i < argc; ++i) {
- if (!strcmp(argv[i], "--warn")) {
- loglevel = LOG_WARN;
- } else if (!strcmp(argv[i], "--notice")) {
- loglevel = LOG_NOTICE;
- } else if (!strcmp(argv[i], "--info")) {
- loglevel = LOG_INFO;
- } else if (!strcmp(argv[i], "--debug")) {
- loglevel = LOG_DEBUG;
- }
- }
- {
- log_severity_list_t s;
- memset(&s, 0, sizeof(s));
- set_log_severity_config(loglevel, LOG_ERR, &s);
- /* ALWAYS log bug warnings. */
- s.masks[LOG_WARN-LOG_ERR] |= LD_BUG;
- add_stream_log(&s, "", fileno(stdout));
- }
- if (fuzz_init() < 0)
- abort();
- #ifdef __AFL_HAVE_MANUAL_CONTROL
- /* Tell AFL to pause and fork here - ignored if not using AFL */
- __AFL_INIT();
- #endif
- #define MAX_FUZZ_SIZE (128*1024)
- char *input = read_file_to_str_until_eof(0, MAX_FUZZ_SIZE, &size);
- tor_assert(input);
- char *raw = tor_memdup(input, size); /* Because input is nul-terminated */
- tor_free(input);
- fuzz_main((const uint8_t*)raw, size);
- tor_free(raw);
- if (fuzz_cleanup() < 0)
- abort();
- tor_free(mock_options);
- UNMOCK(get_options);
- return 0;
- }
- #endif
|