[openssl/openssl] ee7729: Add quic client fuzzer.
Matt Caswell
noreply at github.com
Mon Oct 23 09:17:18 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: ee7729ed4cfcfb95a3fc0aaa184ed624f3fb7eaa
https://github.com/openssl/openssl/commit/ee7729ed4cfcfb95a3fc0aaa184ed624f3fb7eaa
Author: Kurt Roeckx <kurt at roeckx.be>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/build.info
A fuzz/quic-client.c
Log Message:
-----------
Add quic client fuzzer.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 5415383d2c7e8ee8147eb01361f3f952ceec3761
https://github.com/openssl/openssl/commit/5415383d2c7e8ee8147eb01361f3f952ceec3761
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M ssl/quic/quic_record_rx.c
M ssl/quic/quic_record_tx.c
M ssl/quic/quic_wire_pkt.c
Log Message:
-----------
Don't encrypt/decrypt packet data during fuzzing
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: acee7d68e1037d18f34d03bcd70af6b1b6e48299
https://github.com/openssl/openssl/commit/acee7d68e1037d18f34d03bcd70af6b1b6e48299
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/quic-client.c
Log Message:
-----------
Updates to the quic client fuzzer
Handle retryable errors from SSL_read(). Also ensure the underlying BIO
handles the destination address capability.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: b62ac1abfcac4091cdf8e5e4194c9e3bcc6d382d
https://github.com/openssl/openssl/commit/b62ac1abfcac4091cdf8e5e4194c9e3bcc6d382d
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M ssl/quic/quic_channel.c
Log Message:
-----------
Don't fail on a bad dcid in the tranport params when fuzzing
We accept a bad original destination connection id in the transport params
while we are fuzzing since this may change every time.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 702bb16b9f38c4b17879b0d22bd08ea495c578e2
https://github.com/openssl/openssl/commit/702bb16b9f38c4b17879b0d22bd08ea495c578e2
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M ssl/statem/statem_lib.c
Log Message:
-----------
Ignore a bad signature in a CertificateVerify message while fuzzing
We ignore such a bad signature when fuzzing - it will never be correct.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 3714a735acba3a0b3c18259950fc80e9940a3e3d
https://github.com/openssl/openssl/commit/3714a735acba3a0b3c18259950fc80e9940a3e3d
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/README.md
Log Message:
-----------
Update the fuzz README to provide info about the stdc++ requirements
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: c327ebbe86c2f98f2204a54f33e21eef2e5de480
https://github.com/openssl/openssl/commit/c327ebbe86c2f98f2204a54f33e21eef2e5de480
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
A test/recipes/99-test_fuzz_quic_client.t
Log Message:
-----------
Add fuzz test recipe for the quic client fuzzer
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 94300d8de224e2135e75439e6b9c63eb7ad61fdf
https://github.com/openssl/openssl/commit/94300d8de224e2135e75439e6b9c63eb7ad61fdf
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M crypto/err/err.c
M crypto/err/err_save.c
Log Message:
-----------
Ensure that the ERR_STATE is left in a consistent state
We shouldn't ever have the case where the data flags indicate that
err_data has been malloc'd, but the err_data field is NULL.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 1f8a8c1de90ebdb4f3c9dbbf3d1329e3f025e946
https://github.com/openssl/openssl/commit/1f8a8c1de90ebdb4f3c9dbbf3d1329e3f025e946
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M ssl/quic/quic_record_rx.c
Log Message:
-----------
Fix a use-after-free in qrx_proces_pkt
When calling qrx_relocate_buffer, both the rxe and the pointer to the token
may be changing locations. We have to use a temporary copy of the token
pointer to avoid referencing the old location of the rxe.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: b13f3f1aa709b6c31136b48af51ed22c30f82cb2
https://github.com/openssl/openssl/commit/b13f3f1aa709b6c31136b48af51ed22c30f82cb2
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M doc/man3/OSSL_ERR_STATE_save.pod
Log Message:
-----------
Add a HISTORY section in the docs about the new ERR_STATE functions
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: d3bb8fe73df16e5a96dc94f1ab770b35b6694931
https://github.com/openssl/openssl/commit/d3bb8fe73df16e5a96dc94f1ab770b35b6694931
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M test/errtest.c
Log Message:
-----------
Add a test for OSSL_ERR_STATE_save_to_mark()
Add a test for the recently added function OSSL_ERR_STATE_save_to_mark().
We can just modify the existing test_save_restore() to add this in.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: f7620555189edb94cc5840814c0ab1864041c148
https://github.com/openssl/openssl/commit/f7620555189edb94cc5840814c0ab1864041c148
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/quic-client.c
Log Message:
-----------
Some cleanups in the quic-client fuzzer
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: d8bf5ea19d388028004f06f2ffcd40dbd80c1845
https://github.com/openssl/openssl/commit/d8bf5ea19d388028004f06f2ffcd40dbd80c1845
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M .github/workflows/ci.yml
Log Message:
-----------
Drop FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION for some builds
Some builds that weren't doing fuzzing were defining this which makes no
sense and is not appropriate for non-fuzzing builds.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: d8a4451fa76c83ba08b42b38848ba9705fbe71a2
https://github.com/openssl/openssl/commit/d8a4451fa76c83ba08b42b38848ba9705fbe71a2
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M ssl/quic/quic_tls.c
Log Message:
-----------
If an error occurs constructing the quic record layer, free it properly
We need to call quic_free() to free the record layer to ensure than any
BIO that was already set is also freed.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 9252efdb8d1b21ef05aedef2cc40eee46dd72b96
https://github.com/openssl/openssl/commit/9252efdb8d1b21ef05aedef2cc40eee46dd72b96
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/build.info
M fuzz/quic-client.c
Log Message:
-----------
Teach the quic-client fuzzer about time
We allow the fuzzer to influence the time between different packets using
the fake time capability.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 27d8827052ae3c43316582424e9311aea0255bde
https://github.com/openssl/openssl/commit/27d8827052ae3c43316582424e9311aea0255bde
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M .github/workflows/ci.yml
M .github/workflows/static-analysis.yml
Log Message:
-----------
Further tweaks to the CI runs for fuzzing
Have a new job just to run the fuzz tests with fuzzing build mode enabled.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: 49f5d95c052130882842a9df2b988ae6303c14bd
https://github.com/openssl/openssl/commit/49f5d95c052130882842a9df2b988ae6303c14bd
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M fuzz/corpora
Log Message:
-----------
Update the corpora files to include the new quic-client subdir
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Commit: f2c2857accd5650cbcb0767019abd75925b51a3e
https://github.com/openssl/openssl/commit/f2c2857accd5650cbcb0767019abd75925b51a3e
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-23 (Mon, 23 Oct 2023)
Changed paths:
M test/recipes/99-test_fuzz_quic_client.t
Log Message:
-----------
Don't run the QUIC client fuzzer if QUIC is disabled
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
Compare: https://github.com/openssl/openssl/compare/b6eb95fa4439...f2c2857accd5
More information about the openssl-commits
mailing list