Make the random number generator predictable when fuzzing. (3a9b9b2d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

crypto/rand/md_rand.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -33,7 +33,7 @@
		# include <openssl/fips.h>
		#endif

		#ifdef BN_DEBUG
		#if defined(BN_DEBUG) \|\| defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
		# define PREDICT
		#endif

		@@ -307,7 +307,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)

		#ifdef PREDICT
		if (rand_predictable) {
		static unsigned char val = 0;
		unsigned char val = 0;

		for (i = 0; i < num; i++)
		buf[i] = val++;

+2 −1

Original line number	Diff line number	Diff line
		@@ -38,7 +38,8 @@ Configure for fuzzing:
		$ CC=clang ./config enable-fuzz-libfuzzer \
		--with-fuzzer-include=../../svn-work/Fuzzer \
		--with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
		-DPEDANTIC enable-asan enable-ubsan no-shared
		-DPEDANTIC enable-asan enable-ubsan no-shared \
		-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
		$ sudo apt-get install make
		$ LDCMD=clang++ make -j
		$ fuzz/helper.py $FUZZER

+8 −0

Original line number	Diff line number	Diff line
		@@ -191,6 +191,10 @@ static const uint8_t kRSAPrivateKeyDER[] = {

		static SSL_CTX *ctx;

		#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
		extern int rand_predictable;
		#endif

		int FuzzerInitialize(int argc, char **argv)
		{
		const uint8_t *bufp = kRSAPrivateKeyDER;
		@@ -214,6 +218,10 @@ int FuzzerInitialize(int argc, char **argv)
		OPENSSL_assert(ret == 1);
		X509_free(cert);

		#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
		rand_predictable = 1;
		#endif

		return 1;
		}