diff options
| author | Frank Denis <124872+jedisct1@users.noreply.github.com> | 2021-02-13 03:10:40 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-12 18:10:40 -0800 |
| commit | 27f13eb527bd04599ed887d58bf2ad05c477ca02 (patch) | |
| tree | dc6c0da25882e102714de35e35b566bfa7f37d8d /projects/libsodium | |
| parent | f26468f501235d3eb3b5e60d2efbfbdd657124e4 (diff) | |
| download | oss-fuzz-27f13eb527bd04599ed887d58bf2ad05c477ca02.tar.gz | |
libsodium: don't use the stack for potentially large data (#5190)
* libsodium: don't use the stack for potentially large data
Also check return codes of verification functions, and properly
check the random implementation name.
* Add license headers
Diffstat (limited to 'projects/libsodium')
| -rw-r--r-- | projects/libsodium/fake_random.h | 16 | ||||
| -rw-r--r-- | projects/libsodium/secret_key_auth_fuzzer.cc | 19 | ||||
| -rw-r--r-- | projects/libsodium/secretbox_easy_fuzzer.cc | 25 |
3 files changed, 55 insertions, 5 deletions
diff --git a/projects/libsodium/fake_random.h b/projects/libsodium/fake_random.h index 36d8d89ba..9519b0ce2 100644 --- a/projects/libsodium/fake_random.h +++ b/projects/libsodium/fake_random.h @@ -1,3 +1,17 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + #ifndef FAKE_RANDOM_H_ #define FAKE_RANDOM_H_ @@ -43,7 +57,7 @@ setup_fake_random(const unsigned char * seed, const size_t seed_size) { int fake_random_set = randombytes_set_implementation(&fake_random); assert(fake_random_set == 0); - assert(randombytes_implementation_name() == "fake_random"); + assert(strcmp(randombytes_implementation_name(), "fake_random") == 0); int initialized = sodium_init(); assert(initialized >= 0); } diff --git a/projects/libsodium/secret_key_auth_fuzzer.cc b/projects/libsodium/secret_key_auth_fuzzer.cc index 32bb5fe83..ce46781f4 100644 --- a/projects/libsodium/secret_key_auth_fuzzer.cc +++ b/projects/libsodium/secret_key_auth_fuzzer.cc @@ -1,4 +1,19 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + #include <assert.h> +#include <stdlib.h> #include <sodium.h> #include "fake_random.h" @@ -16,6 +31,8 @@ extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) { crypto_auth_keygen(key); crypto_auth(mac, data, size, key); - crypto_auth_verify(mac, data, size, key); + int err = crypto_auth_verify(mac, data, size, key); + assert(err == 0); + return 0; } diff --git a/projects/libsodium/secretbox_easy_fuzzer.cc b/projects/libsodium/secretbox_easy_fuzzer.cc index 4e25bcc7a..a37c88b6b 100644 --- a/projects/libsodium/secretbox_easy_fuzzer.cc +++ b/projects/libsodium/secretbox_easy_fuzzer.cc @@ -1,4 +1,19 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + #include <assert.h> +#include <stdlib.h> #include <sodium.h> #include "fake_random.h" @@ -17,12 +32,16 @@ extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) { randombytes_buf(nonce, sizeof nonce); size_t ciphertext_len = crypto_secretbox_MACBYTES + size; - unsigned char ciphertext[ciphertext_len]; + unsigned char *ciphertext = (unsigned char *) malloc(ciphertext_len); crypto_secretbox_easy(ciphertext, data, size, nonce, key); - unsigned char decrypted[size]; - crypto_secretbox_open_easy(decrypted, ciphertext, ciphertext_len, nonce, key); + unsigned char *decrypted = (unsigned char *) malloc(size); + int err = crypto_secretbox_open_easy(decrypted, ciphertext, ciphertext_len, nonce, key); + assert(err == 0); + + free((void *) ciphertext); + free((void *) decrypted); return 0; } |