Support building a "disarmed" target via the OLM_FUZZING macro.

Like other crypto libs, libolm contains many obstacles which a fuzzer is
unlikely to be able to surmount but which are not important for the end
goal of fuzzing. The easiest and most robust way around this is to remove
these obstacles conditionally when building the fuzzer binaries.

This commit adds a preprocessor macro OLM_FUZZING which can be used to
conditionally disables problematic bits of code during compile-time for
easier fuzzing.

Currently the only thing it disables is the encryption/decryption and
base64 encoding/decoding when processing pickled Megolm keys. This
allows the fuzzers to fuzz the unpickling functionality directly without
inadvertently fuzzing the base64 encoder and encryption (which should be
fuzzed separately).

The macro is set in the Makefile *only* when building fuzzer binaries.
This commit is contained in:
Denis Kasak 2021-06-17 14:49:26 +02:00
parent b38e282f3a
commit 0a8bbde361

View file

@ -103,12 +103,21 @@ size_t olm_pickle_outbound_group_session(
return (size_t)-1;
}
#ifndef OLM_FUZZING
pos = _olm_enc_output_pos(pickled, raw_length);
#else
pos = pickled;
#endif
pos = _olm_pickle_uint32(pos, PICKLE_VERSION);
pos = megolm_pickle(&(session->ratchet), pos);
pos = _olm_pickle_ed25519_key_pair(pos, &(session->signing_key));
#ifndef OLM_FUZZING
return _olm_enc_output(key, key_length, pickled, raw_length);
#else
return raw_length;
#endif
}
size_t olm_unpickle_outbound_group_session(
@ -120,9 +129,14 @@ size_t olm_unpickle_outbound_group_session(
const uint8_t *end;
uint32_t pickle_version;
#ifndef OLM_FUZZING
size_t raw_length = _olm_enc_input(
key, key_length, pickled, pickled_length, &(session->last_error)
);
#else
size_t raw_length = pickled_length;
#endif
if (raw_length == (size_t)-1) {
return raw_length;
}