Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-19 00:05:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1400513 - u2f-hid-rs: fuzzers should use a deterministic cmd byte r=jcj

Browse Source 
Summary: We're currently using the thread_rng to derive a cmd byte for the U2F protocol fuzzers. That of course should rather be derived deterministically from the input handed to the fuzzing target.

Bug #: 1400513

Differential Revision: https://phabricator.services.mozilla.com/D61
This commit is contained in:
Tim Taubert 2017-09-17 20:07:32 +02:00
parent efb7d369f2
commit cd9cddcc94
11 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/3031b026f0eb80bc03d05be97b3cef550913a3d4 Normal file
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/3e28ec02ceb803efa105dc82fcfc9cb4014d7ced
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/60c1a897bef5145eb977461d13f789e1ddfa4a69
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/7dc504e4505d6b4d3465aeb7bdf59702676a54cd Normal file
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/7f960b178bcf3adf082da7c632b4e1366ba22274
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/a05810d808f44249ae8ecfeadc59e5d8f7e55fb8 Normal file
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read/a22d2b1daa9483abc026fa2f75290aa51be59ca9
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read_write/62b74bc0ad2433f77a007b95eaf964ea719d21e2
View File

Binary file not shown.

BIN
dom/webauthn/u2f-hid-rs/fuzz/corpus/u2f_read_write/afcb12f9dddb1ed0bb06d6372e91b2707cd764d1 Normal file
View File

Binary file not shown.

11
dom/webauthn/u2f-hid-rs/fuzz/fuzz_targets/u2f_read.rs
View File

@ -4,10 +4,8 @@
#![no_main]
#[macro_use] extern crate libfuzzer_sys;
extern crate rand;
extern crate u2fhid;
use rand::{thread_rng, Rng};
use std::{cmp, io};
use u2fhid::{CID_BROADCAST, HID_RPT_SIZE};
@ -59,7 +57,10 @@ impl<'a> U2FDevice for TestDevice<'a> {
}
fuzz_target!(|data: &[u8]| {
let mut dev = TestDevice::new(data);
let cmd = thread_rng().gen::<u8>();
let _ = sendrecv(&mut dev, cmd, data);
if data.len() > 0 {
let cmd = data[0];
let data = &data[1..];
let mut dev = TestDevice::new(data);
let _ = sendrecv(&mut dev, cmd, data);
}
});

13
dom/webauthn/u2f-hid-rs/fuzz/fuzz_targets/u2f_read_write.rs
View File

@ -4,10 +4,8 @@
#![no_main]
#[macro_use] extern crate libfuzzer_sys;
extern crate rand;
extern crate u2fhid;
use rand::{thread_rng, Rng};
use std::{cmp, io};
use u2fhid::{CID_BROADCAST, HID_RPT_SIZE};
@ -60,8 +58,11 @@ impl U2FDevice for TestDevice {
}
fuzz_target!(|data: &[u8]| {
let mut dev = TestDevice::new();
let cmd = thread_rng().gen::<u8>();
let res = sendrecv(&mut dev, cmd, data);
assert_eq!(data, &res.unwrap()[..]);
if data.len() > 0 {
let cmd = data[0];
let data = &data[1..];
let mut dev = TestDevice::new();
let res = sendrecv(&mut dev, cmd, data);
assert_eq!(data, &res.unwrap()[..]);
}
});