diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-04-04 14:19:41 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-04-04 14:19:41 +0200 |
| commit | cc5aec5f0ac6ff3d7d4c9ecbe02881641e8c8c92 (patch) | |
| tree | a1acafaa0f86978e648de0a75713873744ea8270 /src | |
| parent | d7662379b470191afd5f5d3b26f4e0763bc24a83 (diff) | |
fuzz: add fuzzer to test internal gcrypt code (#1920)
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/third_party/include/gcrypt_light.h | 8 | ||||
| -rw-r--r-- | src/lib/third_party/src/gcrypt_light.c | 27 |
2 files changed, 23 insertions, 12 deletions
diff --git a/src/lib/third_party/include/gcrypt_light.h b/src/lib/third_party/include/gcrypt_light.h index 6d6a115ee..bbd664155 100644 --- a/src/lib/third_party/include/gcrypt_light.h +++ b/src/lib/third_party/include/gcrypt_light.h @@ -1,4 +1,8 @@ +#ifdef __cplusplus +extern "C" { +#endif + #ifndef GCRY_LIGHT_H #define GCRY_LIGHT_H @@ -84,4 +88,8 @@ size_t gcry_cipher_get_algo_keylen (int algo); #endif /* GCRY_LIGHT_H */ +#ifdef __cplusplus +} +#endif + /* vim: set ts=4 sw=4 et foldmethod=marker foldmarker={{{{,}}}}: */ diff --git a/src/lib/third_party/src/gcrypt_light.c b/src/lib/third_party/src/gcrypt_light.c index 10cb7cd39..512f67bb5 100644 --- a/src/lib/third_party/src/gcrypt_light.c +++ b/src/lib/third_party/src/gcrypt_light.c @@ -116,7 +116,7 @@ const char *gcry_check_version(void *unused) { gcry_error_t gcry_md_open(gcry_md_hd_t *h,int algo,int flags) { gcry_md_hd_t ctx; if(!(algo == GCRY_MD_SHA256 && flags == GCRY_MD_FLAG_HMAC)) return MBEDTLS_ERR_MD_NOT_SUPPORT; - ctx = ndpi_calloc(1,sizeof(struct gcry_md_hd)); + ctx = (gcry_md_hd_t)ndpi_calloc(1,sizeof(struct gcry_md_hd)); if(!ctx) return MBEDTLS_ERR_MD_ALLOC_FAILED; *h = ctx; return GPG_ERR_NO_ERROR; @@ -133,13 +133,15 @@ void gcry_md_reset(gcry_md_hd_t h) { gcry_error_t gcry_md_setkey(gcry_md_hd_t h,const uint8_t *key,size_t key_len) { if(h->key_len) return MBEDTLS_ERR_MD_REKEY; h->key_len = key_len <= sizeof(h->key) ? key_len : sizeof(h->key); - memcpy(h->key,key,h->key_len); + if(h->key_len > 0) + memcpy(h->key,key,h->key_len); return GPG_ERR_NO_ERROR; } gcry_error_t gcry_md_write(gcry_md_hd_t h,const uint8_t *data,size_t data_len) { if(h->data_len + data_len > GCRY_MD_BUFF_SIZE) return MBEDTLS_ERR_MD_DATA_TOO_BIG; - memcpy(&h->data_buf[h->data_len],data,data_len); + if(data_len > 0) + memcpy(&h->data_buf[h->data_len],data,data_len); h->data_len += data_len; return GPG_ERR_NO_ERROR; } @@ -178,7 +180,7 @@ size_t s_len = ROUND_SIZE8(sizeof(struct gcry_cipher_hd));; switch(mode) { case GCRY_CIPHER_MODE_ECB: - r = ndpi_calloc(1,s_len + sizeof(mbedtls_aes_context)); + r = (struct gcry_cipher_hd *)ndpi_calloc(1,s_len + sizeof(mbedtls_aes_context)); if(!r) return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; r->ctx.ecb = (mbedtls_aes_context *)(r+1); mbedtls_aes_init(r->ctx.ecb); @@ -188,7 +190,7 @@ size_t s_len = ROUND_SIZE8(sizeof(struct gcry_cipher_hd));; size_t aes_ctx_size = ROUND_SIZE8(sizeof( mbedtls_aes_context )); size_t gcm_ctx_size = ROUND_SIZE8(sizeof( mbedtls_gcm_context )); - r = ndpi_calloc(1,s_len + gcm_ctx_size + aes_ctx_size); + r = (struct gcry_cipher_hd *)ndpi_calloc(1,s_len + gcm_ctx_size + aes_ctx_size); if(!r) return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; r->ctx.gcm = (mbedtls_gcm_context *)(r+1); mbedtls_gcm_init(r->ctx.gcm,(void *)(((char *)(r+1)) + gcm_ctx_size)); @@ -250,10 +252,10 @@ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t h, const void *key, size_t key if( keylen != gcry_cipher_get_algo_keylen(h->algo)) return MBEDTLS_ERR_CIPHER_BAD_KEY; switch(h->mode) { case GCRY_CIPHER_MODE_ECB: - r = mbedtls_aes_setkey_enc( h->ctx.ecb, key, keylen*8 ); + r = mbedtls_aes_setkey_enc( h->ctx.ecb, (const unsigned char *)key, keylen*8 ); break; case GCRY_CIPHER_MODE_GCM: - r = mbedtls_gcm_setkey( h->ctx.gcm, MBEDTLS_CIPHER_ID_AES, key, keylen*8 ); + r = mbedtls_gcm_setkey( h->ctx.gcm, MBEDTLS_CIPHER_ID_AES, (const unsigned char *)key, keylen*8 ); break; } if(!r) { @@ -285,7 +287,8 @@ gcry_error_t gcry_cipher_authenticate (gcry_cipher_hd_t h, const void *abuf, siz if(abuflen > sizeof(h->auth)) return MBEDTLS_ERR_CIPHER_BAD_KEY; h->s_auth = 1; h->authlen = abuflen; - memcpy(h->auth,abuf,abuflen); + if(abuflen > 0) + memcpy(h->auth,abuf,abuflen); return 0; } return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; @@ -298,7 +301,7 @@ gcry_error_t gcry_cipher_checktag (gcry_cipher_hd_t h, const void *intag, size_t if(h->s_crypt_ok && h->taglen == taglen) { size_t i; int diff; - const uint8_t *ctag = intag; + const uint8_t *ctag = (const uint8_t *)intag; for( diff = 0, i = 0; i < taglen; i++ ) diff |= ctag[i] ^ h->tag[i]; if(!diff) return 0; @@ -326,7 +329,7 @@ static gcry_error_t _gcry_cipher_crypt (gcry_cipher_hd_t h, if(check_valid_algo_mode(h)) return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; if(!inlen && !outsize) return MBEDTLS_ERR_GCM_BAD_INPUT; if(!in && !inlen) { - src = ndpi_malloc(outsize); + src = (uint8_t *)ndpi_malloc(outsize); if(!src) return MBEDTLS_ERR_GCM_ALLOC_FAILED; srclen = outsize; memcpy(src,out,outsize); @@ -338,7 +341,7 @@ static gcry_error_t _gcry_cipher_crypt (gcry_cipher_hd_t h, if(!encrypt) return MBEDTLS_ERR_GCM_NOT_SUPPORT; if(!( h->s_key && !h->s_crypt_ok)) return MBEDTLS_ERR_AES_MISSING_KEY; rv = mbedtls_aes_crypt_ecb(h->ctx.ecb, MBEDTLS_AES_ENCRYPT, - src ? src:in, out); + src ? src:(const unsigned char *)in, (unsigned char *)out); break; case GCRY_CIPHER_MODE_GCM: if(encrypt) return MBEDTLS_ERR_GCM_NOT_SUPPORT; @@ -349,7 +352,7 @@ static gcry_error_t _gcry_cipher_crypt (gcry_cipher_hd_t h, src ? srclen:outsize, h->iv,h->ivlen, h->auth,h->authlen, - src ? src:in,out, + src ? src:(const unsigned char *)in, (unsigned char *)out, h->taglen, h->tag); break; } |