diff --git a/fuzz/build.info b/fuzz/build.info index 7ba41a7a6e..91d8143207 100644 --- a/fuzz/build.info +++ b/fuzz/build.info @@ -9,7 +9,7 @@ -} IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] - PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server x509 + PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server smime x509 PROGRAMS{noinst}=punycode IF[{- !$disabled{"cmp"} -}] @@ -68,6 +68,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] INCLUDE[punycode]=../include {- $ex_inc -} DEPEND[punycode]=../libcrypto.a {- $ex_lib -} + SOURCE[smime]=smime.c driver.c + INCLUDE[smime]=../include {- $ex_inc -} + DEPEND[smime]=../libcrypto ../libssl {- $ex_lib -} + SOURCE[server]=server.c driver.c fuzz_rand.c INCLUDE[server]=../include {- $ex_inc -} DEPEND[server]=../libcrypto ../libssl {- $ex_lib -} @@ -78,7 +82,7 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] ENDIF IF[{- !$disabled{tests} -}] - PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test x509-test + PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test smime-test x509-test PROGRAMS{noinst}=punycode-test IF[{- !$disabled{"cmp"} -}] @@ -138,6 +142,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[punycode-test]=../include DEPEND[punycode-test]=../libcrypto.a + SOURCE[smime-test]=smime.c test-corpus.c + INCLUDE[smime-test]=../include + DEPEND[smime-test]=../libcrypto ../libssl + SOURCE[server-test]=server.c test-corpus.c fuzz_rand.c INCLUDE[server-test]=../include DEPEND[server-test]=../libcrypto ../libssl diff --git a/fuzz/corpora/smime/b6cf925eec43acc9cc43c3104f17ac16d71439d0 b/fuzz/corpora/smime/b6cf925eec43acc9cc43c3104f17ac16d71439d0 new file mode 100644 index 0000000000..92bb948544 Binary files /dev/null and b/fuzz/corpora/smime/b6cf925eec43acc9cc43c3104f17ac16d71439d0 differ diff --git a/fuzz/smime.c b/fuzz/smime.c new file mode 100644 index 0000000000..8a4deff2f6 --- /dev/null +++ b/fuzz/smime.c @@ -0,0 +1,49 @@ +/* + * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#include "fuzzer.h" +#include +#include +#include +#include + +int FuzzerInitialize(int *argc, char ***argv) +{ + return 1; +} + +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + BIO *b = BIO_new_mem_buf(buf, len); + PKCS7 *p7 = SMIME_read_PKCS7(b, NULL); + + if (p7 != NULL) { + STACK_OF(PKCS7_SIGNER_INFO) *p7si = PKCS7_get_signer_info(p7); + int i; + + for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(p7si); i++) { + STACK_OF(X509_ALGOR) *algs; + + PKCS7_cert_from_signer_info(p7, + sk_PKCS7_SIGNER_INFO_value(p7si, i)); + algs = PKCS7_get_smimecap(sk_PKCS7_SIGNER_INFO_value(p7si, i)); + sk_X509_ALGOR_pop_free(algs, X509_ALGOR_free); + } + PKCS7_free(p7); + } + + BIO_free(b); + ERR_clear_error(); + return 0; +} + +void FuzzerCleanup(void) +{ +} diff --git a/test/recipes/99-test_fuzz_smime.t b/test/recipes/99-test_fuzz_smime.t new file mode 100644 index 0000000000..dc9e621b99 --- /dev/null +++ b/test/recipes/99-test_fuzz_smime.t @@ -0,0 +1,23 @@ +#!/usr/bin/env perl +# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +my $fuzzer = "smime"; +setup("test_fuzz_${fuzzer}"); + +plan tests => 2; # one more due to below require_ok(...) + +require_ok(srctop_file('test','recipes','fuzz.pl')); + +fuzz_ok($fuzzer); +