Commit ff54cd9b authored by Kurt Roeckx's avatar Kurt Roeckx
Browse files

Optionally check for early data 



This adds a way to use the last byte of the buffer to change the
behavior of the server. The last byte is used so that the existing
corpus can be reused either without changing it, or just adding a single
byte, and that it can still be used by other projects.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
GH: #2683
parent 14a6570f

fuzz/server.c

+19 −1
Original line number Diff line number Diff line
@@ -530,8 +530,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) 
#ifndef OPENSSL_NO_DSA

    DSA *dsakey = NULL;

#endif

    uint8_t opt;



    if (len == 0)

    if (len < 2)

        return 0;



    /*
@@ -615,7 +616,24 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) 
    out = BIO_new(BIO_s_mem());

    SSL_set_bio(server, in, out);

    SSL_set_accept_state(server);



    opt = (uint8_t)buf[len-1];

    len--;



    OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);



    if ((opt & 0x01) != 0)

    {

        do {

            char early_buf[16384];

            size_t early_len;

            ret = SSL_read_early_data(server, early_buf, sizeof(early_buf), &early_len);



            if (ret != SSL_READ_EARLY_DATA_SUCCESS)

                break;

        } while (1);

    }



    if (SSL_do_handshake(server) == 1) {

        /* Keep reading application data until error or EOF. */

        uint8_t tmp[1024];