From: Kurt Roeckx
Date: Sat, 19 Nov 2016 16:20:34 +0000 (+0100)
Subject: Make the random number generator predictable when fuzzing.
X-Git-Tag: OpenSSL_1_1_1-pre1~2942
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=3a9b9b2deb8e19fa10e7c3c99ad0baa2f90f13fa;hp=3a85d05fb3977ddc3b2f97cf4641b73e10bb952b
Make the random number generator predictable when fuzzing.
Reviewed-by: Rich Salz
GH: #2023
---
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 85ce4e6f98..0cf6e90834 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -33,7 +33,7 @@
 # include
 #endif
-#ifdef BN_DEBUG
+#if defined(BN_DEBUG) || defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
 # define PREDICT
 #endif
@@ -307,7 +307,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
 #ifdef PREDICT
 if (rand_predictable) {
- static unsigned char val = 0;
+ unsigned char val = 0;
 for (i = 0; i < num; i++)
 buf[i] = val++;
diff --git a/fuzz/README.md b/fuzz/README.md
index c5a1ba9c9a..d0c30f4461 100644
--- a/fuzz/README.md
+++ b/fuzz/README.md
@@ -38,7 +38,8 @@ Configure for fuzzing:
 $ CC=clang ./config enable-fuzz-libfuzzer \
 --with-fuzzer-include=../../svn-work/Fuzzer \
 --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
- -DPEDANTIC enable-asan enable-ubsan no-shared
+ -DPEDANTIC enable-asan enable-ubsan no-shared \
+ -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 $ sudo apt-get install make
 $ LDCMD=clang++ make -j
 $ fuzz/helper.py $FUZZER
diff --git a/fuzz/server.c b/fuzz/server.c
index b8a3ac44e3..4f2c794a4c 100644
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -191,6 +191,10 @@ static const uint8_t kRSAPrivateKeyDER[] = {
 static SSL_CTX *ctx;
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+extern int rand_predictable;
+#endif
+
 int FuzzerInitialize(int *argc, char ***argv)
 {
 const uint8_t *bufp = kRSAPrivateKeyDER;
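Review bot: The `# define PREDICT` site in the first md_rand.c hunk carries no comment saying what the macro compiles in, and after this change a bare `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` on the compiler line is enough to enable it. In the following hunk PREDICT guards the branch of rand_bytes() that fills the buffer from a counter instead of the generator, so a library built this way can have its random output replaced by setting one global. I would document that above the `#if`, for example `/* PREDICT compiles in the rand_predictable switch; when set, rand_bytes() returns a fixed byte sequence. Debug and fuzzing builds only, never release. */`. Because the README passes the flag as a raw -D rather than through a configure option, a release-time check that the macro is absent from the build flags would be worth adding; that check would live outside this file.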
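Review bot: With `val` no longer static in the second md_rand.c hunk, every call to rand_bytes() in predictable mode writes the same bytes 0, 1, 2, … from the start, so two successive draws of the same length are identical. That is presumably the intent (output independent of call history, so a fuzz input replays the same way), but the reason is not stated and a later reader may well restore the `static`; a comment such as `/* not static: output must not depend on earlier calls */` on the declaration would prevent that. Callers that redraw until a value differs or falls inside a range will likely see the same candidate each time, so those paths may always fail or spin under the fuzzer, and it is worth checking which callers retry. The enclosing function starts and ends outside this hunk.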
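Review bot: The `extern int rand_predictable;` declaration in the first fuzz/server.c hunk is written by hand, so the compiler cannot check it against the definition in the library, which is not part of this diff. If the variable's type or linkage changes there, this file still compiles and the mismatch is undefined behaviour. Declaring it once in an internal header under the same `#ifdef`, and including that header from both the library source and the fuzzer, would let the compiler catch any drift. Other fuzz targets that need the switch later would otherwise each repeat this declaration.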
@@ -214,6 +218,10 @@ int FuzzerInitialize(int *argc, char ***argv)
 OPENSSL_assert(ret == 1);
 X509_free(cert);
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ rand_predictable = 1;
+#endif
+
 return 1;
 }
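Review bot: `rand_predictable = 1;` is set as the last step of FuzzerInitialize(), so any random bytes drawn earlier in the function still come from the real generator. The start of the function is outside this hunk, but if the context set-up above draws randomness (keys or identifiers generated at context creation, for instance), that state differs between runs and a crashing input may not reproduce. Moving the guarded assignment to the top of FuzzerInitialize() would cover initialisation as well. When the macro is not defined the target silently runs with real randomness; a one-line comment at the `#ifdef` saying so would help whoever triages a non-reproducible crash.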