提交 9f08a1c6 编写于 作者: R Rich Salz

Install custom RAND_METHOD for fuzzing

Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing code install its own RAND_METHOD that does this.  For
BN_RAND_DEBUG, we just don't do it; that debugging was about mucking
with BN's internal representation, not requiring predictable rand
bytes.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4025)
上级 43405889
......@@ -27,10 +27,6 @@
#include <internal/thread_once.h>
#include "rand_lcl.h"
#if defined(BN_DEBUG) || defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
# define PREDICT 1
#endif
#define STATE_SIZE 1023
typedef struct ossl_rand_state_st OSSL_RAND_STATE;
......@@ -59,10 +55,6 @@ static unsigned int crypto_lock_rand = 0;
*/
static CRYPTO_THREAD_ID locking_threadid;
#ifdef PREDICT
int rand_predictable = 0;
#endif
static int rand_hw_seed(EVP_MD_CTX *ctx);
static void rand_thread_cleanup(void *arg)
......@@ -112,11 +104,6 @@ static int rand_add(const void *buf, int num, double add)
if (!num)
return 1;
#ifdef PREDICT
if (rand_predictable)
return 1;
#endif
/*
* (Based on the rand(3) manpage)
*
......@@ -297,16 +284,6 @@ static int rand_bytes(unsigned char *buf, int num)
gettimeofday(&tv, NULL);
#endif
#ifdef PREDICT
if (rand_predictable) {
unsigned char val = 1;
for (i = 0; i < num; i++)
buf[i] = val++;
return (1);
}
#endif
if (num <= 0)
return 1;
......
......@@ -31,11 +31,6 @@
#include <openssl/rand.h>
#include "fuzzer.h"
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
extern int rand_predictable;
#endif
#define ENTROPY_NEEDED 32
static ASN1_ITEM_EXP *item_type[] = {
ASN1_ITEM_ref(ACCESS_DESCRIPTION),
#ifndef OPENSSL_NO_RFC3779
......@@ -216,12 +211,7 @@ int FuzzerInitialize(int *argc, char ***argv)
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
ERR_get_state();
CRYPTO_free_ex_index(0, -1);
RAND_add("", 1, ENTROPY_NEEDED);
RAND_status();
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
rand_predictable = 1;
#endif
FuzzerSetRand();
return 1;
}
......
......@@ -18,11 +18,6 @@
#include <openssl/err.h>
#include "fuzzer.h"
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
extern int rand_predictable;
#endif
#define ENTROPY_NEEDED 32
/* unused, to avoid warning. */
static int idx;
......@@ -50,16 +45,11 @@ int FuzzerInitialize(int *argc, char ***argv)
ERR_get_state();
CRYPTO_free_ex_index(0, -1);
idx = SSL_get_ex_data_X509_STORE_CTX_idx();
RAND_add("", 1, ENTROPY_NEEDED);
RAND_status();
FuzzerSetRand();
comp_methods = SSL_COMP_get_compression_methods();
OPENSSL_sk_sort((OPENSSL_STACK *)comp_methods);
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
rand_predictable = 1;
#endif
return 1;
}
......
......@@ -11,3 +11,4 @@
int FuzzerTestOneInput(const uint8_t *buf, size_t len);
int FuzzerInitialize(int *argc, char ***argv);
void FuzzerCleanup(void);
void FuzzerSetRand(void);
......@@ -465,11 +465,6 @@ static const char DSACertPEM[] = {
};
#endif
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
extern int rand_predictable;
#endif
#define ENTROPY_NEEDED 32
/* unused, to avoid warning. */
static int idx;
......@@ -497,16 +492,11 @@ int FuzzerInitialize(int *argc, char ***argv)
ERR_get_state();
CRYPTO_free_ex_index(0, -1);
idx = SSL_get_ex_data_X509_STORE_CTX_idx();
RAND_add("", 1, ENTROPY_NEEDED);
RAND_status();
FuzzerSetRand();
comp_methods = SSL_COMP_get_compression_methods();
OPENSSL_sk_sort((OPENSSL_STACK *)comp_methods);
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
rand_predictable = 1;
#endif
return 1;
}
......
......@@ -18,8 +18,39 @@
#include <stdlib.h>
#include <sys/stat.h>
#include <openssl/crypto.h>
#include <openssl/rand.h>
#include "fuzzer.h"
static int fuzz_bytes(unsigned char *buf, int num)
{
unsigned char val = 1;
while (--num >= 0)
*buf++ = val++;
return 1;
}
static int fuzz_status(void)
{
return 1;
}
static RAND_METHOD fuzz_rand_method = {
NULL,
fuzz_bytes,
NULL,
NULL,
fuzz_bytes,
fuzz_status
};
void FuzzerSetRand(void)
{
RAND_set_rand_method(&fuzz_rand_method);
}
int main(int argc, char **argv) {
int n;
......
......@@ -14,22 +14,12 @@
#include <openssl/rand.h>
#include "fuzzer.h"
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
extern int rand_predictable;
#endif
#define ENTROPY_NEEDED 32
int FuzzerInitialize(int *argc, char ***argv)
{
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
ERR_get_state();
CRYPTO_free_ex_index(0, -1);
RAND_add("", 1, ENTROPY_NEEDED);
RAND_status();
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
rand_predictable = 1;
#endif
FuzzerSetRand();
return 1;
}
......
......@@ -28,10 +28,6 @@ struct rand_meth_st {
int (*status) (void);
};
# ifdef BN_DEBUG
extern int rand_predictable;
# endif
int RAND_set_rand_method(const RAND_METHOD *meth);
const RAND_METHOD *RAND_get_rand_method(void);
# ifndef OPENSSL_NO_ENGINE
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册