1#include "common.h" 2#include <limits.h> 3#include <stdio.h> 4#include <string.h> 5#include <stdlib.h> 6#include "mbedtls/ctr_drbg.h" 7 8#if defined(MBEDTLS_PLATFORM_TIME_ALT) 9mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) 10{ 11 (void) time; 12 return 0x5af2a056; 13} 14#endif 15 16void dummy_init(void) 17{ 18#if defined(MBEDTLS_PLATFORM_TIME_ALT) 19 mbedtls_platform_set_time(dummy_constant_time); 20#else 21 fprintf(stderr, "Warning: fuzzing without constant time\n"); 22#endif 23} 24 25int dummy_send(void *ctx, const unsigned char *buf, size_t len) 26{ 27 //silence warning about unused parameter 28 (void) ctx; 29 (void) buf; 30 31 //pretends we wrote everything ok 32 if (len > INT_MAX) { 33 return -1; 34 } 35 return (int) len; 36} 37 38int fuzz_recv(void *ctx, unsigned char *buf, size_t len) 39{ 40 //reads from the buffer from fuzzer 41 fuzzBufferOffset_t *biomemfuzz = (fuzzBufferOffset_t *) ctx; 42 43 if (biomemfuzz->Offset == biomemfuzz->Size) { 44 //EOF 45 return 0; 46 } 47 if (len > INT_MAX) { 48 return -1; 49 } 50 if (len + biomemfuzz->Offset > biomemfuzz->Size) { 51 //do not overflow 52 len = biomemfuzz->Size - biomemfuzz->Offset; 53 } 54 memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len); 55 biomemfuzz->Offset += len; 56 return (int) len; 57} 58 59int dummy_random(void *p_rng, unsigned char *output, size_t output_len) 60{ 61 int ret; 62 size_t i; 63 64#if defined(MBEDTLS_CTR_DRBG_C) 65 //mbedtls_ctr_drbg_random requires a valid mbedtls_ctr_drbg_context in p_rng 66 if (p_rng != NULL) { 67 //use mbedtls_ctr_drbg_random to find bugs in it 68 ret = mbedtls_ctr_drbg_random(p_rng, output, output_len); 69 } else { 70 //fall through to pseudo-random 71 ret = 0; 72 } 73#else 74 (void) p_rng; 75 ret = 0; 76#endif 77 for (i = 0; i < output_len; i++) { 78 //replace result with pseudo random 79 output[i] = (unsigned char) rand(); 80 } 81 return ret; 82} 83 84int dummy_entropy(void *data, unsigned char *output, size_t len) 85{ 86 size_t i; 87 (void) data; 88 89 //use mbedtls_entropy_func to find bugs in it 90 //test performance impact of entropy 91 //ret = mbedtls_entropy_func(data, output, len); 92 for (i = 0; i < len; i++) { 93 //replace result with pseudo random 94 output[i] = (unsigned char) rand(); 95 } 96 return 0; 97} 98 99int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len, 100 uint32_t timeout) 101{ 102 (void) timeout; 103 104 return fuzz_recv(ctx, buf, len); 105} 106