Move libfuzzer sanitizer options to README

[openssl.git] / fuzz / server.c

diff --git a/fuzz/server.c b/fuzz/server.c
index 0076306db9c8c3f4f6ec8b32a75e9642f886d418..4f2c794a4ca513779a7001396f28037b47c8863b 100644 (file)
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -191,7 +191,12 @@ static const uint8_t kRSAPrivateKeyDER[] = {
 
 static SSL_CTX *ctx;
 
-int FuzzerInitialize(int *argc, char ***argv) {
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+extern int rand_predictable;
+#endif
+
+int FuzzerInitialize(int *argc, char ***argv)
+{
     const uint8_t *bufp = kRSAPrivateKeyDER;
     RSA *privkey;
     EVP_PKEY *pkey;
@@ -213,10 +218,21 @@ int FuzzerInitialize(int *argc, char ***argv) {
     OPENSSL_assert(ret == 1);
     X509_free(cert);
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    rand_predictable = 1;
+#endif
+
     return 1;
 }
 
-int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+int FuzzerTestOneInput(const uint8_t *buf, size_t len)
+{
+    SSL *server;
+    BIO *in;
+    BIO *out;
+    if (!len) {
+        return 0;
+    }
     /* TODO: make this work for OpenSSL. There's a PREDICT define that may do
      * the job.
      * TODO: use the ossltest engine (optionally?) to disable crypto checks.
@@ -224,9 +240,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
      */
 
     /* This only fuzzes the initial flow from the client so far. */
-    SSL *server = SSL_new(ctx);
-    BIO *in = BIO_new(BIO_s_mem());
-    BIO *out = BIO_new(BIO_s_mem());
+    server = SSL_new(ctx);
+    in = BIO_new(BIO_s_mem());
+    out = BIO_new(BIO_s_mem());
     SSL_set_bio(server, in, out);
     SSL_set_accept_state(server);
     OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);
@@ -242,3 +258,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
     SSL_free(server);
     return 0;
 }
+
+void FuzzerCleanup(void)
+{
+    SSL_CTX_free(ctx);
+}