Add a fuzzer for olm_group_decrypt
This commit is contained in:
parent
ee8172d882
commit
bfeb554e86
4 changed files with 86 additions and 4 deletions
2
Makefile
2
Makefile
|
@ -7,7 +7,7 @@ JS_OPTIMIZE_FLAGS ?= -O3
|
||||||
FUZZING_OPTIMIZE_FLAGS ?= -O3
|
FUZZING_OPTIMIZE_FLAGS ?= -O3
|
||||||
CC = gcc
|
CC = gcc
|
||||||
EMCC = emcc
|
EMCC = emcc
|
||||||
AFL_CC = afl_gcc
|
AFL_CC = afl-gcc
|
||||||
AFL_CXX = afl-g++
|
AFL_CXX = afl-g++
|
||||||
RELEASE_TARGET := $(BUILD_DIR)/libolm.so
|
RELEASE_TARGET := $(BUILD_DIR)/libolm.so
|
||||||
DEBUG_TARGET := $(BUILD_DIR)/libolm_debug.so
|
DEBUG_TARGET := $(BUILD_DIR)/libolm_debug.so
|
||||||
|
|
|
@ -61,4 +61,5 @@ int main(int argc, const char *argv[]) {
|
||||||
|
|
||||||
ignored = write(STDOUT_FILENO, plaintext, length);
|
ignored = write(STDOUT_FILENO, plaintext, length);
|
||||||
ignored = write(STDOUT_FILENO, "\n", 1);
|
ignored = write(STDOUT_FILENO, "\n", 1);
|
||||||
|
return ignored;
|
||||||
}
|
}
|
||||||
|
|
71
fuzzers/fuzz_group_decrypt.cpp
Normal file
71
fuzzers/fuzz_group_decrypt.cpp
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
#include "olm/olm.hh"
|
||||||
|
|
||||||
|
#include "fuzzing.hh"
|
||||||
|
|
||||||
|
int main(int argc, const char *argv[]) {
|
||||||
|
size_t ignored;
|
||||||
|
if (argc <= 2) {
|
||||||
|
const char * message = "Usage: decrypt <pickle_key> <group_session>\n";
|
||||||
|
ignored = write(STDERR_FILENO, message, strlen(message));
|
||||||
|
exit(3);
|
||||||
|
}
|
||||||
|
|
||||||
|
const char * key = argv[1];
|
||||||
|
size_t key_length = strlen(key);
|
||||||
|
|
||||||
|
|
||||||
|
int session_fd = check_errno(
|
||||||
|
"Error opening session file", open(argv[2], O_RDONLY)
|
||||||
|
);
|
||||||
|
|
||||||
|
uint8_t *session_buffer;
|
||||||
|
ssize_t session_length = check_errno(
|
||||||
|
"Error reading session file", read_file(session_fd, &session_buffer)
|
||||||
|
);
|
||||||
|
|
||||||
|
int message_fd = STDIN_FILENO;
|
||||||
|
uint8_t * message_buffer;
|
||||||
|
ssize_t message_length = check_errno(
|
||||||
|
"Error reading message file", read_file(message_fd, &message_buffer)
|
||||||
|
);
|
||||||
|
|
||||||
|
uint8_t * tmp_buffer = (uint8_t *) malloc(message_length);
|
||||||
|
memcpy(tmp_buffer, message_buffer, message_length);
|
||||||
|
|
||||||
|
uint8_t session_memory[olm_inbound_group_session_size()];
|
||||||
|
OlmInboundGroupSession * session = olm_inbound_group_session(session_memory);
|
||||||
|
check_error(
|
||||||
|
olm_inbound_group_session_last_error,
|
||||||
|
session,
|
||||||
|
"Error unpickling session",
|
||||||
|
olm_unpickle_inbound_group_session(
|
||||||
|
session, key, key_length, session_buffer, session_length
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
size_t max_length = check_error(
|
||||||
|
olm_inbound_group_session_last_error,
|
||||||
|
session,
|
||||||
|
"Error getting plaintext length",
|
||||||
|
olm_group_decrypt_max_plaintext_length(
|
||||||
|
session, tmp_buffer, message_length
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
uint8_t plaintext[max_length];
|
||||||
|
|
||||||
|
size_t length = check_error(
|
||||||
|
olm_inbound_group_session_last_error,
|
||||||
|
session,
|
||||||
|
"Error decrypting message",
|
||||||
|
olm_group_decrypt(
|
||||||
|
session,
|
||||||
|
message_buffer, message_length,
|
||||||
|
plaintext, max_length
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
ignored = write(STDOUT_FILENO, plaintext, length);
|
||||||
|
ignored = write(STDOUT_FILENO, "\n", 1);
|
||||||
|
return ignored;
|
||||||
|
}
|
|
@ -53,13 +53,15 @@ T check_errno(
|
||||||
return value;
|
return value;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t check_session(
|
template<typename T, typename F>
|
||||||
OlmSession * session,
|
size_t check_error(
|
||||||
|
F f,
|
||||||
|
T * object,
|
||||||
const char * message,
|
const char * message,
|
||||||
size_t value
|
size_t value
|
||||||
) {
|
) {
|
||||||
if (value == olm_error()) {
|
if (value == olm_error()) {
|
||||||
const char * olm_message = olm_session_last_error(session);
|
const char * olm_message = f(object);
|
||||||
ssize_t ignored;
|
ssize_t ignored;
|
||||||
ignored = write(STDERR_FILENO, message, strlen(message));
|
ignored = write(STDERR_FILENO, message, strlen(message));
|
||||||
ignored = write(STDERR_FILENO, ": ", 2);
|
ignored = write(STDERR_FILENO, ": ", 2);
|
||||||
|
@ -70,3 +72,11 @@ size_t check_session(
|
||||||
}
|
}
|
||||||
return value;
|
return value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t check_session(
|
||||||
|
OlmSession * session,
|
||||||
|
const char * message,
|
||||||
|
size_t value
|
||||||
|
) {
|
||||||
|
return check_error(olm_session_last_error, session, message, value);
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue