diff options
Diffstat (limited to 'deps/openssl/openssl/fuzz/bignum.c')
| -rw-r--r-- | deps/openssl/openssl/fuzz/bignum.c | 53 |
1 files changed, 34 insertions, 19 deletions
diff --git a/deps/openssl/openssl/fuzz/bignum.c b/deps/openssl/openssl/fuzz/bignum.c index 43e134bc14..c5136601b1 100644 --- a/deps/openssl/openssl/fuzz/bignum.c +++ b/deps/openssl/openssl/fuzz/bignum.c @@ -15,31 +15,37 @@ #include <stdio.h> #include <openssl/bn.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { + +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - static BN_CTX *ctx; - static BIGNUM *b1; - static BIGNUM *b2; - static BIGNUM *b3; - static BIGNUM *b4; - static BIGNUM *b5; +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ int success = 0; size_t l1 = 0, l2 = 0, l3 = 0; - int s1 = 0, s2 = 0, s3 = 0; + int s1 = 0, s3 = 0; + BN_CTX *ctx; + BIGNUM *b1; + BIGNUM *b2; + BIGNUM *b3; + BIGNUM *b4; + BIGNUM *b5; + + b1 = BN_new(); + b2 = BN_new(); + b3 = BN_new(); + b4 = BN_new(); + b5 = BN_new(); + ctx = BN_CTX_new(); - if (ctx == NULL) { - b1 = BN_new(); - b2 = BN_new(); - b3 = BN_new(); - b4 = BN_new(); - b5 = BN_new(); - ctx = BN_CTX_new(); - } /* Divide the input into three parts, using the values of the first two * bytes to choose lengths, which generate b1, b2 and b3. Use three bits * of the third byte to choose signs for the three numbers. @@ -53,14 +59,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { l3 = len - l1 - l2; s1 = buf[0] & 1; - s2 = buf[0] & 2; s3 = buf[0] & 4; ++buf; } OPENSSL_assert(BN_bin2bn(buf, l1, b1) == b1); BN_set_negative(b1, s1); OPENSSL_assert(BN_bin2bn(buf + l1, l2, b2) == b2); - BN_set_negative(b2, s2); OPENSSL_assert(BN_bin2bn(buf + l1 + l2, l3, b3) == b3); BN_set_negative(b3, s3); @@ -89,6 +93,17 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { done: OPENSSL_assert(success); + BN_free(b1); + BN_free(b2); + BN_free(b3); + BN_free(b4); + BN_free(b5); + BN_CTX_free(ctx); + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ +} |