/* Copyright (c) 2022, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include #include #include #include #include extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { // The string-based extensions APIs routinely produce output quadratic in // their input. Cap the input size to mitigate this. See also // https://crbug.com/boringssl/611. len = std::min(len, size_t{8 * 1024}); bssl::UniquePtr bio(BIO_new_mem_buf(buf, len)); bssl::UniquePtr conf(NCONF_new(nullptr)); if (NCONF_load_bio(conf.get(), bio.get(), nullptr)) { // Run with and without |X509V3_CTX| information. bssl::UniquePtr cert(X509_new()); X509V3_CTX ctx; X509V3_set_ctx(&ctx, /*subject=*/cert.get(), /*issuer=*/cert.get(), nullptr, nullptr, 0); X509V3_EXT_add_nconf(conf.get(), &ctx, "default", cert.get()); cert.reset(X509_new()); X509V3_EXT_add_nconf(conf.get(), nullptr, "default", cert.get()); } return 0; }