Added a fuzzer for SMIME

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20332)

fuzz/build.info

@@ -9,7 +9,7 @@
 -}
 
 IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
-  PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server x509
+  PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server smime x509
   PROGRAMS{noinst}=punycode
 
   IF[{- !$disabled{"cmp"} -}]
@@ -68,6 +68,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
   INCLUDE[punycode]=../include {- $ex_inc -}
   DEPEND[punycode]=../libcrypto.a {- $ex_lib -}
 
+  SOURCE[smime]=smime.c driver.c
+  INCLUDE[smime]=../include {- $ex_inc -}
+  DEPEND[smime]=../libcrypto ../libssl {- $ex_lib -}
+
   SOURCE[server]=server.c driver.c fuzz_rand.c
   INCLUDE[server]=../include {- $ex_inc -}
   DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
@@ -78,7 +82,7 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
 ENDIF
 
 IF[{- !$disabled{tests} -}]
-  PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test x509-test
+  PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test smime-test x509-test
   PROGRAMS{noinst}=punycode-test
 
   IF[{- !$disabled{"cmp"} -}]
@@ -138,6 +142,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[punycode-test]=../include
   DEPEND[punycode-test]=../libcrypto.a
 
+  SOURCE[smime-test]=smime.c test-corpus.c
+  INCLUDE[smime-test]=../include
+  DEPEND[smime-test]=../libcrypto ../libssl
+
   SOURCE[server-test]=server.c test-corpus.c fuzz_rand.c
   INCLUDE[server-test]=../include
   DEPEND[server-test]=../libcrypto ../libssl

fuzz/smime.c

@@ -0,0 +1,49 @@
+/*
+ * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include "fuzzer.h"
+#include <openssl/err.h>
+#include <openssl/pkcs7.h>
+#include <openssl/x509.h>
+#include <stdio.h>
+
+int FuzzerInitialize(int *argc, char ***argv)
+{
+    return 1;
+}
+
+int FuzzerTestOneInput(const uint8_t *buf, size_t len)
+{
+    BIO *b = BIO_new_mem_buf(buf, len);
+    PKCS7 *p7 = SMIME_read_PKCS7(b, NULL);
+
+    if (p7 != NULL) {
+        STACK_OF(PKCS7_SIGNER_INFO) *p7si = PKCS7_get_signer_info(p7);
+        int i;
+
+        for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(p7si); i++) {
+            STACK_OF(X509_ALGOR) *algs;
+
+            PKCS7_cert_from_signer_info(p7,
+                                        sk_PKCS7_SIGNER_INFO_value(p7si, i));
+            algs = PKCS7_get_smimecap(sk_PKCS7_SIGNER_INFO_value(p7si, i));
+            sk_X509_ALGOR_pop_free(algs, X509_ALGOR_free);
+        }
+        PKCS7_free(p7);
+    }
+
+    BIO_free(b);
+    ERR_clear_error();
+    return 0;
+}
+
+void FuzzerCleanup(void)
+{
+}

test/recipes/99-test_fuzz_smime.t

@@ -0,0 +1,23 @@
+#!/usr/bin/env perl
+# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT srctop_file/;
+use OpenSSL::Test::Utils;
+
+my $fuzzer = "smime";
+setup("test_fuzz_${fuzzer}");
+
+plan tests => 2; # one more due to below require_ok(...)
+
+require_ok(srctop_file('test','recipes','fuzz.pl'));
+
+fuzz_ok($fuzzer);
+