New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added a fuzzer for SMIME #20332
Added a fuzzer for SMIME #20332
Conversation
40fd1e3
to
93cd250
Compare
Can you also make it run during make test, see for instance #20269 on how to do it. |
|
||
if (p7) { | ||
PKCS7_free(p7); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you do more things with the PKCS7? For instance call functions like PKCS7_get_signer_info(), PKCS7_cert_from_signer_info(), PKCS7_get_signed_attribute(), PKCS7_get_smimecap(), PKCS7_dataVerify(), ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the CMS fuzzer could use things like that too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added some usage of the p7 API. I'm candidly not totally confident they're correct, since many of these functions aren't documented.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You might want to look at the pkcs7 and smime tool for other things that might be useful to do.
0e0ec23
to
d363237
Compare
@kroeckx do you want to hold this open until its expanded, or would you consider merging as is (modulo any other reviews) and then iterating as we get coverage metrics from oss-fuzz? |
I'm fine with merging as is.
|
4d34b79
to
31c4abc
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Just some style nits below.
fuzz/smime.c
Outdated
BIO *b = BIO_new_mem_buf(buf, len); | ||
PKCS7 *p7 = SMIME_read_PKCS7(b, NULL); | ||
|
||
if (p7) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (p7 != NULL) {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. @kroeckx - can you reconfirm?
is anything additionally required from me to merge this? |
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
No, it will get merged when someone has time for it. |
Pushed. Thanks for your contribution. |
Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #20332)
No description provided.