Fuzzer (#446)

author: Felix Weinrank <weinrank@fh-muenster.de> 2020-03-18 00:38:11 +0100
committer: GitHub <noreply@github.com> 2020-03-18 00:38:11 +0100
commit: 7b87cd42ea036919a69acf299601469f2aa79b75 (patch)
tree: e8d3534cde75ec5f9f08839cb54beaa384dda99f
parent: 3212d5413a75d4d039e80874dffd2e44f8087ce4 (diff)
download: usrsctp-7b87cd42ea036919a69acf299601469f2aa79b75.tar.gz
116 files changed, 127 insertions, 137 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ba3b594e..37270d1d 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -259,8 +259,9 @@ elseif (CMAKE_C_COMPILER_ID MATCHES "Clang" OR CMAKE_C_COMPILER_ID MATCHES "Appl
 	endif ()
 
 	if (sctp_build_fuzzer)
+		set(CMAKE_BUILD_TYPE "DEBUG")
 		add_definitions(-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O1 -fsanitize=fuzzer-no-link")
 	endif ()
 endif ()
 
diff --git a/fuzzer/CORPUS_CONNECT/addip-000000 b/fuzzer/CORPUS_CONNECT/addip-000000
new file mode 100644
index 00000000..e3c24629
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000000
diff --git a/fuzzer/CORPUS_CONNECT/addip-000001 b/fuzzer/CORPUS_CONNECT/addip-000001
new file mode 100644
index 00000000..8fb65088
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000001
diff --git a/fuzzer/CORPUS_CONNECT/addip-000002 b/fuzzer/CORPUS_CONNECT/addip-000002
new file mode 100644
index 00000000..d151a570
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000002
diff --git a/fuzzer/CORPUS_CONNECT/addip-000003 b/fuzzer/CORPUS_CONNECT/addip-000003
new file mode 100644
index 00000000..943b3e39
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000003
diff --git a/fuzzer/CORPUS_CONNECT/addip-000004 b/fuzzer/CORPUS_CONNECT/addip-000004
new file mode 100644
index 00000000..1d05d6fd
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000004
diff --git a/fuzzer/CORPUS_CONNECT/addip-000005 b/fuzzer/CORPUS_CONNECT/addip-000005
new file mode 100644
index 00000000..c67d5527
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000005
diff --git a/fuzzer/CORPUS_CONNECT/addip-000006 b/fuzzer/CORPUS_CONNECT/addip-000006
new file mode 100644
index 00000000..5152f0ac
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000006
diff --git a/fuzzer/CORPUS_CONNECT/addip-000007 b/fuzzer/CORPUS_CONNECT/addip-000007
new file mode 100644
index 00000000..c52c2ceb
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000007
diff --git a/fuzzer/CORPUS_CONNECT/addip-000008 b/fuzzer/CORPUS_CONNECT/addip-000008
new file mode 100644
index 00000000..da1973ae
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000008
diff --git a/fuzzer/CORPUS_CONNECT/addip-000009 b/fuzzer/CORPUS_CONNECT/addip-000009
new file mode 100644
index 00000000..32871149
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000009
diff --git a/fuzzer/CORPUS_CONNECT/addip-000010 b/fuzzer/CORPUS_CONNECT/addip-000010
new file mode 100644
index 00000000..3fe2c742
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000010
diff --git a/fuzzer/CORPUS_CONNECT/addip-000011 b/fuzzer/CORPUS_CONNECT/addip-000011
new file mode 100644
index 00000000..45549541
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/addip-000011
diff --git a/fuzzer/CORPUS_CONNECT/dummy-01 b/fuzzer/CORPUS_CONNECT/dummy-01
new file mode 100644
index 00000000..2648f8f8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/dummy-01
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000000 b/fuzzer/CORPUS_CONNECT/rtcweb-000000
index fd2da797..396919d0 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000000
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000000
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000001 b/fuzzer/CORPUS_CONNECT/rtcweb-000001
index 45b146bf..49278b30 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000001
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000001
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000002 b/fuzzer/CORPUS_CONNECT/rtcweb-000002
index 33e104dc..af1c8d35 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000002
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000002
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000003 b/fuzzer/CORPUS_CONNECT/rtcweb-000003
index 72b58fb6..737a8023 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000003
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000003
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000004 b/fuzzer/CORPUS_CONNECT/rtcweb-000004
index f2b4c32e..b541433d 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000004
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000004
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000005 b/fuzzer/CORPUS_CONNECT/rtcweb-000005
index 1d90724b..48746cbb 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000005
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000005
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000006 b/fuzzer/CORPUS_CONNECT/rtcweb-000006
index dba0fb24..2979d6c9 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000006
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000006
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000007 b/fuzzer/CORPUS_CONNECT/rtcweb-000007
index 154b6f0a..35000702 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000007
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000007
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000008 b/fuzzer/CORPUS_CONNECT/rtcweb-000008
index 820eadef..f34d983d 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000008
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000008
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000009 b/fuzzer/CORPUS_CONNECT/rtcweb-000009
index 5b06d525..a16bf61e 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000009
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000009
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000010 b/fuzzer/CORPUS_CONNECT/rtcweb-000010
index 31c58311..0c77ccbf 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000010
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000010
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000011 b/fuzzer/CORPUS_CONNECT/rtcweb-000011
index d43bd7dd..a29822bc 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000011
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000011
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000012 b/fuzzer/CORPUS_CONNECT/rtcweb-000012
index adea816b..588a6849 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000012
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000012
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000013 b/fuzzer/CORPUS_CONNECT/rtcweb-000013
index 9e4a585f..825816bb 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000013
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000013
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000014 b/fuzzer/CORPUS_CONNECT/rtcweb-000014
index f9b46492..94e3b062 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000014
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000014
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000015 b/fuzzer/CORPUS_CONNECT/rtcweb-000015
index 3fedd69a..913ffa2b 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000015
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000015
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000016 b/fuzzer/CORPUS_CONNECT/rtcweb-000016
index dcb85000..d5dfc52e 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000016
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000016
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000017 b/fuzzer/CORPUS_CONNECT/rtcweb-000017
index 5c32e8fd..634f8866 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000017
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000017
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000018 b/fuzzer/CORPUS_CONNECT/rtcweb-000018
index cad34eb5..9f51d75c 100644
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000018
+++ b/fuzzer/CORPUS_CONNECT/rtcweb-000018
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000019 b/fuzzer/CORPUS_CONNECT/rtcweb-000019
deleted file mode 100644
index 47925c52..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000019
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000020 b/fuzzer/CORPUS_CONNECT/rtcweb-000020
deleted file mode 100644
index c01b3cb2..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000020
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000021 b/fuzzer/CORPUS_CONNECT/rtcweb-000021
deleted file mode 100644
index 7d12252c..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000021
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000022 b/fuzzer/CORPUS_CONNECT/rtcweb-000022
deleted file mode 100644
index 1ca33f62..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000022
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000023 b/fuzzer/CORPUS_CONNECT/rtcweb-000023
deleted file mode 100644
index 378395b1..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000023
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000024 b/fuzzer/CORPUS_CONNECT/rtcweb-000024
deleted file mode 100644
index 03e955a5..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000024
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000025 b/fuzzer/CORPUS_CONNECT/rtcweb-000025
deleted file mode 100644
index 572f005c..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000025
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000026 b/fuzzer/CORPUS_CONNECT/rtcweb-000026
deleted file mode 100644
index be5d773d..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000026
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000027 b/fuzzer/CORPUS_CONNECT/rtcweb-000027
deleted file mode 100644
index a1da0f94..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000027
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/rtcweb-000028 b/fuzzer/CORPUS_CONNECT/rtcweb-000028
deleted file mode 100644
index 8ff6e498..00000000
--- a/fuzzer/CORPUS_CONNECT/rtcweb-000028
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000000 b/fuzzer/CORPUS_CONNECT/tsctp-000000
index 63a01fc4..51f0a6fa 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000000
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000000
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000001 b/fuzzer/CORPUS_CONNECT/tsctp-000001
index 2db572e9..c246e4ea 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000001
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000001
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000002 b/fuzzer/CORPUS_CONNECT/tsctp-000002
index 336a4481..4dd93f1c 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000002
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000002
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000004 b/fuzzer/CORPUS_CONNECT/tsctp-000004
index 840eedf3..0ae84fcd 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000004
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000004
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000005 b/fuzzer/CORPUS_CONNECT/tsctp-000005
index e540d44e..0a15a24f 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000005
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000005
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000006 b/fuzzer/CORPUS_CONNECT/tsctp-000006
index 00019dc4..d64c7244 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000006
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000006
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000007 b/fuzzer/CORPUS_CONNECT/tsctp-000007
index c7f499d3..51feb520 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000007
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000007
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000008 b/fuzzer/CORPUS_CONNECT/tsctp-000008
index 94d5c0bd..a3902153 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000008
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000008
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000009 b/fuzzer/CORPUS_CONNECT/tsctp-000009
index 4d49f378..634f8866 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000009
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000009
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000010 b/fuzzer/CORPUS_CONNECT/tsctp-000010
index 2829bb6a..9f51d75c 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000010
+++ b/fuzzer/CORPUS_CONNECT/tsctp-000010
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000011 b/fuzzer/CORPUS_CONNECT/tsctp-000011
deleted file mode 100644
index a3999314..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000011
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000012 b/fuzzer/CORPUS_CONNECT/tsctp-000012
deleted file mode 100644
index c81a1768..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000012
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000013 b/fuzzer/CORPUS_CONNECT/tsctp-000013
deleted file mode 100644
index 9457b75d..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000013
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000014 b/fuzzer/CORPUS_CONNECT/tsctp-000014
deleted file mode 100644
index 777f11b5..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000014
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000015 b/fuzzer/CORPUS_CONNECT/tsctp-000015
deleted file mode 100644
index e749a26e..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000015
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000016 b/fuzzer/CORPUS_CONNECT/tsctp-000016
deleted file mode 100644
index ed8f9fc0..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000016
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000017 b/fuzzer/CORPUS_CONNECT/tsctp-000017
deleted file mode 100644
index 1b15ab19..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000017
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000020 b/fuzzer/CORPUS_CONNECT/tsctp-000020
deleted file mode 100644
index 69d60102..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000020
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000021 b/fuzzer/CORPUS_CONNECT/tsctp-000021
deleted file mode 100644
index 1c09a6b5..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000021
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000022 b/fuzzer/CORPUS_CONNECT/tsctp-000022
deleted file mode 100644
index 22317e0c..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000022
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000024 b/fuzzer/CORPUS_CONNECT/tsctp-000024
deleted file mode 100644
index b12abccd..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000024
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000025 b/fuzzer/CORPUS_CONNECT/tsctp-000025
deleted file mode 100644
index 9afda34a..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000025
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000026 b/fuzzer/CORPUS_CONNECT/tsctp-000026
deleted file mode 100644
index 85ddaf14..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000026
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000027 b/fuzzer/CORPUS_CONNECT/tsctp-000027
deleted file mode 100644
index ce9027d9..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000027
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000028 b/fuzzer/CORPUS_CONNECT/tsctp-000028
deleted file mode 100644
index be158357..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000028
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000029 b/fuzzer/CORPUS_CONNECT/tsctp-000029
deleted file mode 100644
index e7338b70..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000029
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000030 b/fuzzer/CORPUS_CONNECT/tsctp-000030
deleted file mode 100644
index 21ee7c2f..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000030
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000031 b/fuzzer/CORPUS_CONNECT/tsctp-000031
deleted file mode 100644
index bb605880..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000031
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000032 b/fuzzer/CORPUS_CONNECT/tsctp-000032
deleted file mode 100644
index 77e2e6bd..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000032
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000033 b/fuzzer/CORPUS_CONNECT/tsctp-000033
deleted file mode 100644
index b6d636be..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000033
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000034 b/fuzzer/CORPUS_CONNECT/tsctp-000034
deleted file mode 100644
index 9ab1e1c7..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000034
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000035 b/fuzzer/CORPUS_CONNECT/tsctp-000035
deleted file mode 100644
index 8fb42d35..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000035
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000036 b/fuzzer/CORPUS_CONNECT/tsctp-000036
deleted file mode 100644
index cdd9e2b5..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000036
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000037 b/fuzzer/CORPUS_CONNECT/tsctp-000037
deleted file mode 100644
index e9db8bb4..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000037
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000038 b/fuzzer/CORPUS_CONNECT/tsctp-000038
deleted file mode 100644
index 634f8866..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000038
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000039 b/fuzzer/CORPUS_CONNECT/tsctp-000039
deleted file mode 100644
index 9f51d75c..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000039
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000040 b/fuzzer/CORPUS_CONNECT/tsctp-000040
deleted file mode 100644
index 2e9f0c11..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000040
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000041 b/fuzzer/CORPUS_CONNECT/tsctp-000041
deleted file mode 100644
index 25d1d45b..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000041
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000042 b/fuzzer/CORPUS_CONNECT/tsctp-000042
deleted file mode 100644
index 5584a88f..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000042
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000043 b/fuzzer/CORPUS_CONNECT/tsctp-000043
deleted file mode 100644
index 737a8023..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000043
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000044 b/fuzzer/CORPUS_CONNECT/tsctp-000044
deleted file mode 100644
index 4c05e6ea..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000044
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000045 b/fuzzer/CORPUS_CONNECT/tsctp-000045
deleted file mode 100644
index 702654ce..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000045
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000046 b/fuzzer/CORPUS_CONNECT/tsctp-000046
deleted file mode 100644
index 768a6718..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000046
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000047 b/fuzzer/CORPUS_CONNECT/tsctp-000047
deleted file mode 100644
index 66de2ee5..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000047
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000048 b/fuzzer/CORPUS_CONNECT/tsctp-000048
deleted file mode 100644
index 6d54d1a8..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000048
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000049 b/fuzzer/CORPUS_CONNECT/tsctp-000049
deleted file mode 100644
index 8a3102f7..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000049
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000050 b/fuzzer/CORPUS_CONNECT/tsctp-000050
deleted file mode 100644
index 248cc34b..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000050
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000051 b/fuzzer/CORPUS_CONNECT/tsctp-000051
deleted file mode 100644
index ae524182..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000051
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000052 b/fuzzer/CORPUS_CONNECT/tsctp-000052
deleted file mode 100644
index df60fbeb..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000052
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000053 b/fuzzer/CORPUS_CONNECT/tsctp-000053
deleted file mode 100644
index 2463c07b..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000053
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000054 b/fuzzer/CORPUS_CONNECT/tsctp-000054
deleted file mode 100644
index 443a1af1..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000054
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000055 b/fuzzer/CORPUS_CONNECT/tsctp-000055
deleted file mode 100644
index fa44635c..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000055
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000056 b/fuzzer/CORPUS_CONNECT/tsctp-000056
deleted file mode 100644
index 077e89de..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000056
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000057 b/fuzzer/CORPUS_CONNECT/tsctp-000057
deleted file mode 100644
index 634f8866..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000057
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000058 b/fuzzer/CORPUS_CONNECT/tsctp-000058
deleted file mode 100644
index 9f51d75c..00000000
--- a/fuzzer/CORPUS_CONNECT/tsctp-000058
+++ /dev/null
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000000 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000000
new file mode 100644
index 00000000..bb4b4dab
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000000
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000001 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000001
new file mode 100644
index 00000000..6cf7ae9f
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000001
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000002 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000002
new file mode 100644
index 00000000..7d005cbd
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000002
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000023 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000003
index 737a8023..737a8023 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000023
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000003
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000004 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000004
new file mode 100644
index 00000000..dd6bd0d1
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000004
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000005 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000005
new file mode 100644
index 00000000..89af0f1a
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000005
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000006 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000006
new file mode 100644
index 00000000..253866f1
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000006
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000007 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000007
new file mode 100644
index 00000000..997f5272
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000007
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-i-data-000008 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000008
new file mode 100644
index 00000000..3cb69ad7
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000008
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000018 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000009
index 634f8866..634f8866 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000018
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000009
diff --git a/fuzzer/CORPUS_CONNECT/tsctp-000019 b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000010
index 9f51d75c..9f51d75c 100644
--- a/fuzzer/CORPUS_CONNECT/tsctp-000019
+++ b/fuzzer/CORPUS_CONNECT/tsctp-i-data-000010
diff --git a/fuzzer/build-fuzzer.sh b/fuzzer/build-fuzzer.sh
index e6cb6bc7..8016ec49 100755
--- a/fuzzer/build-fuzzer.sh
+++ b/fuzzer/build-fuzzer.sh
@@ -41,7 +41,7 @@ pwd
 find . -iwholename '*cmake*' -not -name CMakeLists.txt -delete
 
 # Build with ASAN / MSAN
-cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_address=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" -DCMAKE_BUILD_TYPE=Debug .
-#cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_memory=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" -DCMAKE_BUILD_TYPE=RelWithDebInfo .
+cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_address=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" .
+#cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_memory=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" .
 
 make -j"$NPROC"
diff --git a/fuzzer/check-input.sh b/fuzzer/check-input.sh
index 31f117a0..fbcbe264 100755
--- a/fuzzer/check-input.sh
+++ b/fuzzer/check-input.sh
@@ -18,7 +18,7 @@ echo "########## Beginning Fuzzer Chain"
 echo ""
 
 set +e
-./fuzzer_connect_multi_verbose -timeout=30 $1 > $1.log 2>&1
+./fuzzer_connect_multi_verbose -timeout=10 $1 > $1.log 2>&1
 FUZZER_RETVAL=$?
 set -e
 
diff --git a/fuzzer/crashtest.py b/fuzzer/crashtest.py
index ce51e0af..5338db09 100755
--- a/fuzzer/crashtest.py
+++ b/fuzzer/crashtest.py
@@ -5,7 +5,6 @@ import os
 import re
 
 reportdir = "reports/"
-fuzzer = "./fuzzer_connect_multi"
 
 class bcolors:
 	HEADER = '\033[95m'
diff --git a/fuzzer/fuzzer_connect.c b/fuzzer/fuzzer_connect.c
index 79505db6..be44941d 100644
--- a/fuzzer/fuzzer_connect.c
+++ b/fuzzer/fuzzer_connect.c
@@ -39,9 +39,16 @@
 
 //#define FUZZ_VERBOSE
 #define FUZZ_INTERLEAVING
-//#define FUZZ_EXPLICIT_EOR
 #define FUZZ_STREAM_RESET
-#define FUZZ_DISABLE_LINGER
+
+#define FUZZ_B_INJECT_INIT_ACK        (1 << 0)
+#define FUZZ_B_INJECT_COOKIE_ACK      (1 << 1)
+#define FUZZ_B_SEND_DATA              (1 << 2)
+#define FUZZ_B_SEND_STREAM_RESET      (1 << 3)
+#define FUZZ_B_INJECT_DATA            (1 << 4)
+#define FUZZ_B_I_DATA_SUPPORT         (1 << 5)
+#define FUZZ_B_RESERVED1              (1 << 6)
+#define FUZZ_B_RESERVED2              (1 << 7)
 
 #define BUFFER_SIZE 4096
 #define COMMON_HEADER_SIZE 12
@@ -70,6 +77,7 @@ dump_packet(const void *buffer, size_t bufferlen, int inout) {
 #endif // FUZZ_VERBOSE
 }
 
+
 static int
 conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
 {
@@ -176,7 +184,7 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		SCTP_STREAM_CHANGE_EVENT,
 		SCTP_SEND_FAILED_EVENT
 	};
-	int enable;
+	int optval;
 	int result;
 	struct sctp_initmsg initmsg;
 #if defined(FUZZ_STREAM_RESET) || defined(FUZZ_INTERLEAVING)
@@ -184,52 +192,41 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 #endif // defined(FUZZ_STREAM_RESET) || defined(FUZZ_INTERLEAVING)
 
 	// WITH COMMON HEADER!
-	char fuzz_init_ack[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x02\x00\x01\xf8" \
-		"\xc7\xa1\xb0\x4d\x00\x1c\x71\xc7\x00\x0a\xff\xff\x03\x91\x94\x1b" \
-		"\x80\x00\x00\x04\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80" \
-		"\x82\x00\x00\x00\x80\x02\x00\x24\x61\x6c\x7e\x52\x2a\xdb\xe0\xa2" \
-		"\xaa\x78\x25\x1e\x12\xc5\x01\x9e\x4c\x60\x16\xdf\x01\x6d\xa1\xd5" \
-		"\xcd\xbe\xa7\x5d\xa2\x73\xf4\x1b\x80\x04\x00\x08\x00\x03\x00\x01" \
-		"\x80\x03\x00\x07\x00\x80\xc1\x00\x00\x06\x00\x14\x2a\x02\xc6\xa0" \
-		"\x40\x15\x00\x11\x00\x00\x00\x00\x00\x00\x00\x83\x00\x05\x00\x08" \
-		"\xd4\xc9\x79\x53\x00\x07\x01\x80\x4b\x41\x4d\x45\x2d\x42\x53\x44" \
-		"\x20\x31\x2e\x31\x00\x00\x00\x00\x64\x11\x49\x00\x00\x00\x00\x00" \
-		"\xac\xde\x0c\x00\x00\x00\x00\x00\x60\xea\x00\x00\x00\x00\x00\x00" \
-		"\x00\x00\x00\x00\xb2\xd4\x38\x45\xc7\xa1\xb0\x4d\xd4\xc9\x79\x52" \
+	char fuzz_init_ack[] = "\x13\x89\x13\x88\x49\xa4\xac\xb2\x00\x00\x00\x00\x02\x00\x01\xb4" \
+		"\x2b\xe8\x47\x40\x00\x1c\x71\xc7\xff\xff\xff\xff\xed\x69\x58\xec" \
+		"\xc0\x06\x00\x08\x00\x00\x07\xc4\x80\x00\x00\x04\xc0\x00\x00\x04" \
+		"\x80\x08\x00\x0b\xc0\xc2\x0f\xc1\x80\x82\x40\x00\x80\x02\x00\x24" \
+		"\x40\x39\xcf\x32\xd6\x60\xcf\xfa\x3f\x2f\xa9\x52\xed\x2b\xf2\xe6" \
+		"\x2f\xb7\x81\x96\xf8\xda\xe9\xa0\x62\x01\x79\xe1\x0d\x5f\x38\xaa" \
+		"\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x06\x80\xc1\x00\x00" \
+		"\x00\x07\x01\x50\x4b\x41\x4d\x45\x2d\x42\x53\x44\x20\x31\x2e\x31" \
+		"\x00\x00\x00\x00\x64\xdb\x63\x00\x00\x00\x00\x00\xc9\x76\x03\x00" \
+		"\x00\x00\x00\x00\x60\xea\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
+		"\xb2\xac\xa4\x49\x2b\xe8\x47\x40\xd4\xc9\x79\x52\x00\x00\x00\x00" \
+		"\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\xd4\xc9\x79\x53" \
 		"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00" \
-		"\xd4\xc9\x79\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
-		"\x05\x00\x00\x00\x00\x00\x00\x00\xd9\x05\x13\x89\x01\x01\x00\x00" \
-		"\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x80\x45\x38\xd4\xb2" \
-		"\x00\x1c\x71\xc7\x00\x01\xff\xff\xac\x40\x9b\x94\x80\x00\x00\x04" \
-		"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
-		"\x80\x02\x00\x24\xc8\x24\x46\x8c\x7e\x88\x2e\xb7\x88\x8b\xdd\xa1" \
-		"\x55\x8b\xb4\xc0\x26\xe3\x21\xbb\xb0\x66\xfd\xb2\xd4\xde\xf9\x77" \
-		"\x4f\xe4\x7c\xbf\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x07" \
-		"\x00\x80\xc1\x00\x00\x0c\x00\x08\x00\x05\x00\x06\x00\x06\x00\x14" \
-		"\x2a\x02\xc6\xa0\x40\x15\x00\x11\x00\x00\x00\x00\x00\x00\x00\x82" \
-		"\x00\x05\x00\x08\xd4\xc9\x79\x52\x02\x00\x01\xf8\xc7\xa1\xb0\x4d" \
-		"\x00\x1c\x71\xc7\x00\x01\xff\xff\x03\x91\x94\x1b\x80\x00\x00\x04" \
-		"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
-		"\x80\x02\x00\x24\x61\x6c\x7e\x52\x2a\xdb\xe0\xa2\xaa\x78\x25\x1e" \
-		"\x12\xc5\x01\x9e\x4c\x60\x16\xdf\x01\x6d\xa1\xd5\xcd\xbe\xa7\x5d" \
-		"\xa2\x73\xf4\x1b\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x07" \
-		"\x00\x80\xc1\x00\x00\x06\x00\x14\x2a\x02\xc6\xa0\x40\x15\x00\x11" \
-		"\x00\x00\x00\x00\x00\x00\x00\x83\x00\x05\x00\x08\xd4\xc9\x79\x53" \
-		"\x64\x30\x8a\xb9\x7c\xe5\x93\x69\x52\xa9\xc8\xd5\xa1\x1b\x7d\xef" \
-		"\xea\xfa\x23\x32";
+		"\x00\x00\x00\x00\x5a\x76\x13\x89\x01\x00\x00\x00\x00\x00\x00\x00" \
+		"\x00\x00\x00\x00\x01\x00\x00\x62\x49\xa4\xac\xb2\x00\x1c\x71\xc7" \
+		"\x00\x01\xff\xff\x82\xe6\xc8\x44\x80\x00\x00\x04\xc0\x00\x00\x04" \
+		"\x80\x08\x00\x0b\xc0\xc2\x0f\xc1\x80\x82\x40\x00\x80\x02\x00\x24" \
+		"\xb6\xbb\xb5\x7f\xbb\x4b\x0e\xb5\x42\xf6\x75\x18\x4f\x79\x0f\x24" \
+		"\x1c\x44\x0b\xd6\x62\xa9\x84\xe7\x2c\x3c\x7f\xad\x1b\x67\x81\x57" \
+		"\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x06\x80\xc1\x00\x00" \
+		"\x00\x0c\x00\x06\x00\x05\x00\x00\x02\x00\x01\xb4\x2b\xe8\x47\x40" \
+		"\x00\x1c\x71\xc7\x00\x01\xff\xff\xed\x69\x58\xec\xc0\x06\x00\x08" \
+		"\x00\x00\x07\xc4\x80\x00\x00\x04\xc0\x00\x00\x04\x80\x08\x00\x0b" \
+		"\xc0\xc2\x0f\xc1\x80\x82\x40\x00\x80\x02\x00\x24\x40\x39\xcf\x32" \
+		"\xd6\x60\xcf\xfa\x3f\x2f\xa9\x52\xed\x2b\xf2\xe6\x2f\xb7\x81\x96" \
+		"\xf8\xda\xe9\xa0\x62\x01\x79\xe1\x0d\x5f\x38\xaa\x80\x04\x00\x08" \
+		"\x00\x03\x00\x01\x80\x03\x00\x06\x80\xc1\x00\x00\x81\xe1\x1e\x81" \
+		"\xea\x41\xeb\xf0\x12\xd9\x74\xbe\x13\xfd\x4b\x6c\x5c\xa2\x8f\x00";
 
 	// WITH COMMON HEADER!
 	char fuzz_cookie_ack[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x0b\x00\x00\x04";
 
 	// WITH COMMON HEADER!
-	char fuzz_abort[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x06\x00\x00\x08\x00\x0c\x00\x04";
-
-	// WITH COMMON HEADER!
-	char fuzz_i_data[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00" \
-		"\x00\x1b\x04\x42\xa3\x58\x90\xe2\xba\x9e\x8c\xfc\x08\x00\x45\x02" \
-		"\x04\x34\x00\x00\x40\x00\x40\x84\x9a\x0b\xd4\xc9\x79\x52\xd4\xc9" \
-		"\x79\x53\x65\x75\x13\x89\x11\x97\x93\x37\x26\x6c\xb7\x65\x40\x02" \
-		"\x04\x14\x96\xff\xad\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
+	char fuzz_i_data[] = "\x13\x89\x13\x88\x07\x01\x6c\xd3\x00\x00\x00\x00\x40\x03" \
+		"\x00\xdc\x2d\x2b\x46\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
 		"\x00\x27\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
@@ -242,6 +239,11 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41";
+
+	// WITH COMMON HEADER!
+	char fuzz_data[] = "\x13\x89\x13\x88\x27\xc4\xbf\xdf\x00\x00\x00\x00\x00\x03" \
+		"\x00\xd8\x79\x64\xb7\xc1\x00\x00\x00\x00\x00\x00\x00\x27\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
@@ -254,47 +256,8 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
 		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
-		"\x41\x41";
+		"\x41\x41\x41\x41\x41\x41";
+
 
 	char fuzz_common_header[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00";
 
@@ -326,7 +289,6 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 	assert(result == 0);
 
 	memset(&event, 0, sizeof(event));
-	event.se_assoc_id = SCTP_ALL_ASSOC;
 	event.se_on = 1;
 	for (i = 0; i < (sizeof(event_types) / sizeof(uint16_t)); i++) {
 		event.se_type = event_types[i];
@@ -334,19 +296,13 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		assert(result == 0);
 	}
 
-	enable = 1;
-	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVRCVINFO, &enable, sizeof(enable));
-	assert(result == 0);
-
-	enable = 1;
-	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVNXTINFO, &enable, sizeof(enable));
+	optval = 1;
+	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVRCVINFO, &optval, sizeof(optval));
 	assert(result == 0);
 
-#if defined(FUZZ_EXPLICIT_EOR)
-	enable = 1;
-	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_EXPLICIT_EOR, &enable, sizeof(enable));
+	optval = 1;
+	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVNXTINFO, &optval, sizeof(optval));
 	assert(result == 0);
-#endif // defined(FUZZ_EXPLICIT_EOR)
 
 #if defined(FUZZ_STREAM_RESET)
 	assoc_val.assoc_id = SCTP_ALL_ASSOC;
@@ -359,14 +315,17 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 #if !defined(SCTP_INTERLEAVING_SUPPORTED)
 #define SCTP_INTERLEAVING_SUPPORTED 0x00001206
 #endif // !defined(SCTP_INTERLEAVING_SUPPORTED)
-	enable = 2;
-	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_FRAGMENT_INTERLEAVE, &enable, sizeof(enable));
-	assert(result == 0);
 
-	memset(&assoc_val, 0, sizeof(assoc_val));
-	assoc_val.assoc_value = 1;
-	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_INTERLEAVING_SUPPORTED, &assoc_val, sizeof(assoc_val));
-	assert(result == 0);
+	if (data[0] & FUZZ_B_I_DATA_SUPPORT) {
+		optval = 2;
+		result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_FRAGMENT_INTERLEAVE, &optval, sizeof(optval));
+		assert(result == 0);
+
+		memset(&assoc_val, 0, sizeof(assoc_val));
+		assoc_val.assoc_value = 1;
+		result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_INTERLEAVING_SUPPORTED, &assoc_val, sizeof(assoc_val));
+		assert(result == 0);
+	}
 #endif // defined(FUZZ_INTERLEAVING)
 
 	memset((void *)&bind6, 0, sizeof(struct sockaddr_in6));
@@ -380,6 +339,11 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 	result = usrsctp_bind(socket_client, (struct sockaddr *)&bind6, sizeof(bind6));
 	assert(result == 0);
 
+	// Disable Nagle.
+	optval = 1;
+	result = usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_NODELAY, &optval, sizeof(optval));
+	assert(result == 0);
+
 	usrsctp_set_upcall(socket_client, handle_upcall, NULL);
 
 	memset(&sconn, 0, sizeof(struct sockaddr_conn));
@@ -394,17 +358,17 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 	result = usrsctp_connect(socket_client, (struct sockaddr *)&sconn, sizeof(struct sockaddr_conn));
 	assert(result == 0 || errno == EINPROGRESS);
 
-	if (data[0] & (1 << 0)) {
+	if (data[0] & FUZZ_B_INJECT_INIT_ACK) {
 		fuzzer_printf("Injecting INIT-ACK\n");
 
 		common_header = (struct sctp_common_header*) fuzz_init_ack;
 		common_header->verification_tag = assoc_vtag;
 
-		dump_packet(fuzz_init_ack, 516, SCTP_DUMP_INBOUND);
-		usrsctp_conninput((void *)1, fuzz_init_ack, 516, 0);
+		dump_packet(fuzz_init_ack, 448, SCTP_DUMP_INBOUND);
+		usrsctp_conninput((void *)1, fuzz_init_ack, 448, 0);
 	}
 
-	if (data[0] & (1 << 1)) {
+	if (data[0] & FUZZ_B_INJECT_COOKIE_ACK) {
 		fuzzer_printf("Injecting COOKIE-ACK\n");
 
 		common_header = (struct sctp_common_header*) fuzz_cookie_ack;
@@ -414,32 +378,18 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		usrsctp_conninput((void *)1, fuzz_cookie_ack, 16, 0);
 	}
 
-	// Required: INIT-ACK and COOKIE-ACK
-	if (data[0] & (1 << 0) &&
-		data[0] & (1 << 1) &&
-		data[0] & (1 << 2)) {
+	if (data[0] & FUZZ_B_INJECT_INIT_ACK &&
+		data[0] & FUZZ_B_INJECT_COOKIE_ACK &&
+		data[0] & FUZZ_B_SEND_DATA) {
 		const char *sendbuffer = "Geologie ist keine richtige Wissenschaft!";
 		fuzzer_printf("Calling usrsctp_sendv()\n");
 		usrsctp_sendv(socket_client, sendbuffer, strlen(sendbuffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
 	}
 
 	// Required: INIT-ACK and COOKIE-ACK
-	if (data[0] & (1 << 0) &&
-		data[0] & (1 << 1) &&
-		data[0] & (1 << 3)) {
-		fuzzer_printf("Injecting I-DATA\n");
-
-		common_header = (struct sctp_common_header*) fuzz_i_data;
-		common_header->verification_tag = assoc_vtag;
-
-		dump_packet(fuzz_i_data, 1102, SCTP_DUMP_INBOUND);
-		usrsctp_conninput((void *)1, fuzz_i_data, 1102, 0);
-	}
-
-	// Required: INIT-ACK and COOKIE-ACK
-	if (data[0] & (1 << 0) &&
-		data[0] & (1 << 1) &&
-		data[0] & (1 << 4)) {
+	if (data[0] & FUZZ_B_INJECT_INIT_ACK &&
+		data[0] & FUZZ_B_INJECT_COOKIE_ACK &&
+		data[0] & FUZZ_B_SEND_STREAM_RESET) {
 		fuzzer_printf("Sending Stream Reset for all streams\n");
 
 		struct sctp_reset_streams srs;
@@ -449,6 +399,26 @@ LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 		assert(result == 0);
 	}
 
+	// Required: INIT-ACK and COOKIE-ACK
+	if (data[0] & FUZZ_B_INJECT_INIT_ACK &&
+		data[0] & FUZZ_B_INJECT_COOKIE_ACK &&
+		data[0] & FUZZ_B_INJECT_DATA) {
+
+		if (data[0] & FUZZ_B_I_DATA_SUPPORT) {
+			fuzzer_printf("Injecting I-DATA\n");
+			common_header = (struct sctp_common_header*) fuzz_i_data;
+			common_header->verification_tag = assoc_vtag;
+			dump_packet(fuzz_i_data, 232, SCTP_DUMP_INBOUND);
+			usrsctp_conninput((void *)1, fuzz_i_data, 232, 0);
+		} else {
+			fuzzer_printf("Injecting DATA\n");
+			common_header = (struct sctp_common_header*) fuzz_data;
+			common_header->verification_tag = assoc_vtag;
+			dump_packet(fuzz_data, 228, SCTP_DUMP_INBOUND);
+			usrsctp_conninput((void *)1, fuzz_data, 228, 0);
+		}
+	}
+
 	fuzz_packet_buffer = malloc(data_size - 1 + COMMON_HEADER_SIZE);
 	memcpy(fuzz_packet_buffer, fuzz_common_header, COMMON_HEADER_SIZE); // common header
 	memcpy(fuzz_packet_buffer + COMMON_HEADER_SIZE, data + 1, data_size - 1);
diff --git a/fuzzer/fuzzer_connect_multi.sh b/fuzzer/fuzzer_connect_multi.sh
index 4e2f9201..27b4a675 100755
--- a/fuzzer/fuzzer_connect_multi.sh
+++ b/fuzzer/fuzzer_connect_multi.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0:detect_leaks=1
+#export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0:detect_leaks=1
 ulimit -c unlimited
 mkdir -p CORPUS_CONNECT
 
@@ -19,4 +19,4 @@ fi
 echo "$NPROC"
 
 
-./fuzzer_connect_multi -jobs=64 -timeout=10 -max_len=32000 CORPUS_CONNECT
+./fuzzer_connect_multi -jobs=64 -timeout=10 -max_len=32000 -use_value_profile=1 CORPUS_CONNECT
diff --git a/programs/programs_helper.c b/programs/programs_helper.c
index 49185c25..0883740f 100644
--- a/programs/programs_helper.c
+++ b/programs/programs_helper.c
@@ -52,10 +52,24 @@ void
 debug_printf_stack(const char *format, ...)
 {
 	va_list ap;
+	char charbuf[1024];
+	static struct timeval time_main;
+	struct timeval time_now;
+	struct timeval time_delta;
+
+	if (time_main.tv_sec == 0  && time_main.tv_usec == 0) {
+		gettimeofday(&time_main, NULL);
+	}
+
+	gettimeofday(&time_now, NULL);
+	timersub(&time_now, &time_main, &time_delta);
 
 	va_start(ap, format);
-	vprintf(format, ap);
+	//vfprintf(stderr, format, ap);
+	vsnprintf(charbuf, 1024, format, ap);
 	va_end(ap);
+
+	fprintf(stderr, "[S][%u.%03u] %s", (unsigned int) time_delta.tv_sec, (unsigned int) time_delta.tv_usec / 1000, charbuf);
 }
 
 static void
diff --git a/usrsctplib/CMakeLists.txt b/usrsctplib/CMakeLists.txt
index d6652c1c..3cc425ea 100644
--- a/usrsctplib/CMakeLists.txt
+++ b/usrsctplib/CMakeLists.txt
@@ -43,6 +43,8 @@ set(includedir 				${prefix}/include/usrsctp)
 set(CMAKE_REQUIRED_INCLUDES ${CMAKE_CURRENT_SOURCE_DIR})
 set(CMAKE_MACOSX_RPATH 		1)
 
+include(CheckCCompilerFlag)
+
 add_definitions(-D__Userspace__)
 add_definitions(-D__Userspace_os_${CMAKE_SYSTEM_NAME})
 add_definitions(-DSCTP_SIMPLE_ALLOCATOR)
@@ -53,11 +55,16 @@ add_definitions(-DSCTP_PROCESS_LEVEL_LOCKS)
 # OS DEPENDENT
 #################################################
 
-check_c_compiler_flag(-Wno-address-of-packed-member has_wno_address_of_packet_member)
-if (has_wno_address_of_packet_member)
+check_c_compiler_flag(-Wno-address-of-packed-member has_wno_address_of_packed_member)
+if (has_wno_address_of_packed_member)
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-address-of-packed-member")
 endif ()
 
+check_c_compiler_flag(-Wno-deprecated-declarations has_wno_deprecated_declarations)
+if (has_wno_deprecated_declarations)
+	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-deprecated-declarations")
+endif ()
+
 if (CMAKE_SYSTEM_NAME MATCHES "Linux")
 	add_definitions(-D_GNU_SOURCE)
 endif ()
@@ -69,7 +76,6 @@ endif ()
 if (CMAKE_SYSTEM_NAME MATCHES "Darwin")
 	add_definitions(-U__APPLE__)
 	add_definitions(-D__APPLE_USE_RFC_2292)
-	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-deprecated-declarations")
 endif ()
 
 if (CMAKE_SYSTEM_NAME MATCHES "DragonFly")
author	Felix Weinrank <weinrank@fh-muenster.de>	2020-03-18 00:38:11 +0100
committer	GitHub <noreply@github.com>	2020-03-18 00:38:11 +0100
commit	7b87cd42ea036919a69acf299601469f2aa79b75 (patch)
tree	e8d3534cde75ec5f9f08839cb54beaa384dda99f
parent	3212d5413a75d4d039e80874dffd2e44f8087ce4 (diff)
download	usrsctp-7b87cd42ea036919a69acf299601469f2aa79b75.tar.gz