Make the random number generator predictable when fuzzing.
authorKurt Roeckx <kurt@roeckx.be>
Sat, 19 Nov 2016 16:20:34 +0000 (17:20 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Fri, 2 Dec 2016 23:14:15 +0000 (00:14 +0100)
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023

crypto/rand/md_rand.c
fuzz/README.md
fuzz/server.c

index 85ce4e6..0cf6e90 100644 (file)
@@ -33,7 +33,7 @@
 # include <openssl/fips.h>
 #endif
 
-#ifdef BN_DEBUG
+#if defined(BN_DEBUG) || defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
 # define PREDICT
 #endif
 
@@ -307,7 +307,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
 
 #ifdef PREDICT
     if (rand_predictable) {
-        static unsigned char val = 0;
+        unsigned char val = 0;
 
         for (i = 0; i < num; i++)
             buf[i] = val++;
index c5a1ba9..d0c30f4 100644 (file)
@@ -38,7 +38,8 @@ Configure for fuzzing:
     $ CC=clang ./config enable-fuzz-libfuzzer \
             --with-fuzzer-include=../../svn-work/Fuzzer \
             --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
-            -DPEDANTIC enable-asan enable-ubsan no-shared
+            -DPEDANTIC enable-asan enable-ubsan no-shared \
+            -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
     $ sudo apt-get install make
     $ LDCMD=clang++ make -j
     $ fuzz/helper.py $FUZZER
index b8a3ac4..4f2c794 100644 (file)
@@ -191,6 +191,10 @@ static const uint8_t kRSAPrivateKeyDER[] = {
 
 static SSL_CTX *ctx;
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+extern int rand_predictable;
+#endif
+
 int FuzzerInitialize(int *argc, char ***argv)
 {
     const uint8_t *bufp = kRSAPrivateKeyDER;
@@ -214,6 +218,10 @@ int FuzzerInitialize(int *argc, char ***argv)
     OPENSSL_assert(ret == 1);
     X509_free(cert);
 
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+    rand_predictable = 1;
+#endif
+
     return 1;
 }