Add fuzz test for v3name

v3name_fuzzer build modifications

create 99-test_fuzz_v3name_fuzzer.t

test corpus for cve-2023-0286

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20274)

fuzz/build.info

@@ -11,6 +11,7 @@
 IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
   PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server smime x509
   PROGRAMS{noinst}=punycode
+  PROGRAMS{noinst}=v3name
 
   IF[{- !$disabled{"cmp"} -}]
     PROGRAMS{noinst}=cmp
@@ -72,6 +73,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
   INCLUDE[smime]=../include {- $ex_inc -}
   DEPEND[smime]=../libcrypto ../libssl {- $ex_lib -}
 
+  SOURCE[v3name]=v3name.c driver.c
+  INCLUDE[v3name]=../include {- $ex_inc -}
+  DEPEND[v3name]=../libcrypto.a {- $ex_lib -}
+
   SOURCE[server]=server.c driver.c fuzz_rand.c
   INCLUDE[server]=../include {- $ex_inc -}
   DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
@@ -84,6 +89,7 @@ ENDIF
 IF[{- !$disabled{tests} -}]
   PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test smime-test x509-test
   PROGRAMS{noinst}=punycode-test
+  PROGRAMS{noinst}=v3name-test
 
   IF[{- !$disabled{"cmp"} -}]
     PROGRAMS{noinst}=cmp-test
@@ -146,6 +152,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[smime-test]=../include
   DEPEND[smime-test]=../libcrypto ../libssl
 
+  SOURCE[v3name-test]=v3name.c test-corpus.c
+  INCLUDE[v3name-test]=../include
+  DEPEND[v3name-test]=../libcrypto.a
+
   SOURCE[server-test]=server.c test-corpus.c fuzz_rand.c
   INCLUDE[server-test]=../include
   DEPEND[server-test]=../libcrypto ../libssl

fuzz/v3name.c

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2012-2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <string.h>
+#include <openssl/e_os2.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include "internal/nelem.h"
+#include "fuzzer.h"
+
+int FuzzerInitialize(int *argc, char ***argv)
+{
+    return 1;
+}
+
+int FuzzerTestOneInput(const uint8_t* data, size_t size){
+    GENERAL_NAME *namesa;
+    GENERAL_NAME *namesb;
+
+    const unsigned char *derp = data;
+    /*
+     * We create two versions of each GENERAL_NAME so that we ensure when
+     * we compare them they are always different pointers.
+     */
+    namesa = d2i_GENERAL_NAME(NULL, &derp, size);
+    derp = data;
+    namesb = d2i_GENERAL_NAME(NULL, &derp, size);
+    GENERAL_NAME_cmp(namesa, namesb);
+    if (namesa != NULL)
+        GENERAL_NAME_free(namesa);
+    if (namesb != NULL)
+        GENERAL_NAME_free(namesb);
+    return 0;
+}
+
+void FuzzerCleanup(void)
+{
+}

test/recipes/99-test_fuzz_v3name.t

@@ -0,0 +1,22 @@
+#!/usr/bin/env perl
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT srctop_file/;
+use OpenSSL::Test::Utils;
+
+my $fuzzer = "v3name";
+setup("test_fuzz_${fuzzer}");
+
+plan tests => 2; # one more due to below require_ok(...)
+
+require_ok(srctop_file('test','recipes','fuzz.pl'));
+
+fuzz_ok($fuzzer);