Add a fuzzer for olm_group_decrypt

This commit is contained in:
Mark Haines 2016-05-26 13:25:34 +01:00
parent ee8172d882
commit bfeb554e86
4 changed files with 86 additions and 4 deletions

View file

@ -7,7 +7,7 @@ JS_OPTIMIZE_FLAGS ?= -O3
FUZZING_OPTIMIZE_FLAGS ?= -O3 FUZZING_OPTIMIZE_FLAGS ?= -O3
CC = gcc CC = gcc
EMCC = emcc EMCC = emcc
AFL_CC = afl_gcc AFL_CC = afl-gcc
AFL_CXX = afl-g++ AFL_CXX = afl-g++
RELEASE_TARGET := $(BUILD_DIR)/libolm.so RELEASE_TARGET := $(BUILD_DIR)/libolm.so
DEBUG_TARGET := $(BUILD_DIR)/libolm_debug.so DEBUG_TARGET := $(BUILD_DIR)/libolm_debug.so

View file

@ -61,4 +61,5 @@ int main(int argc, const char *argv[]) {
ignored = write(STDOUT_FILENO, plaintext, length); ignored = write(STDOUT_FILENO, plaintext, length);
ignored = write(STDOUT_FILENO, "\n", 1); ignored = write(STDOUT_FILENO, "\n", 1);
return ignored;
} }

View file

@ -0,0 +1,71 @@
#include "olm/olm.hh"
#include "fuzzing.hh"
int main(int argc, const char *argv[]) {
size_t ignored;
if (argc <= 2) {
const char * message = "Usage: decrypt <pickle_key> <group_session>\n";
ignored = write(STDERR_FILENO, message, strlen(message));
exit(3);
}
const char * key = argv[1];
size_t key_length = strlen(key);
int session_fd = check_errno(
"Error opening session file", open(argv[2], O_RDONLY)
);
uint8_t *session_buffer;
ssize_t session_length = check_errno(
"Error reading session file", read_file(session_fd, &session_buffer)
);
int message_fd = STDIN_FILENO;
uint8_t * message_buffer;
ssize_t message_length = check_errno(
"Error reading message file", read_file(message_fd, &message_buffer)
);
uint8_t * tmp_buffer = (uint8_t *) malloc(message_length);
memcpy(tmp_buffer, message_buffer, message_length);
uint8_t session_memory[olm_inbound_group_session_size()];
OlmInboundGroupSession * session = olm_inbound_group_session(session_memory);
check_error(
olm_inbound_group_session_last_error,
session,
"Error unpickling session",
olm_unpickle_inbound_group_session(
session, key, key_length, session_buffer, session_length
)
);
size_t max_length = check_error(
olm_inbound_group_session_last_error,
session,
"Error getting plaintext length",
olm_group_decrypt_max_plaintext_length(
session, tmp_buffer, message_length
)
);
uint8_t plaintext[max_length];
size_t length = check_error(
olm_inbound_group_session_last_error,
session,
"Error decrypting message",
olm_group_decrypt(
session,
message_buffer, message_length,
plaintext, max_length
)
);
ignored = write(STDOUT_FILENO, plaintext, length);
ignored = write(STDOUT_FILENO, "\n", 1);
return ignored;
}

View file

@ -53,13 +53,15 @@ T check_errno(
return value; return value;
} }
size_t check_session( template<typename T, typename F>
OlmSession * session, size_t check_error(
F f,
T * object,
const char * message, const char * message,
size_t value size_t value
) { ) {
if (value == olm_error()) { if (value == olm_error()) {
const char * olm_message = olm_session_last_error(session); const char * olm_message = f(object);
ssize_t ignored; ssize_t ignored;
ignored = write(STDERR_FILENO, message, strlen(message)); ignored = write(STDERR_FILENO, message, strlen(message));
ignored = write(STDERR_FILENO, ": ", 2); ignored = write(STDERR_FILENO, ": ", 2);
@ -70,3 +72,11 @@ size_t check_session(
} }
return value; return value;
} }
size_t check_session(
OlmSession * session,
const char * message,
size_t value
) {
return check_error(olm_session_last_error, session, message, value);
}