| #
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
|
| #
399c2da0 |
| 18-Dec-2022 |
Kurt Roeckx |
Update X509 fuzzer to verify a chain
It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status
Can find CVE-2022-4203 and CVE-2023-0286
Update X509 fuzzer to verify a chain
It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status
Can find CVE-2022-4203 and CVE-2023-0286
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20243)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
| #
de2ea978 |
| 10-Dec-2020 |
Pauli |
RAND_METHOD deprecation: fuzzer
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
|
| #
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
|
| #
55869f59 |
| 10-Feb-2021 |
Matt Caswell |
Test that X509_issuer_and_serial_hash doesn't crash
Provide a certificate with a bad issuer and check that
X509_issuer_and_serial_hash doesn't crash.
Reviewed-by: Richard Levitt
Test that X509_issuer_and_serial_hash doesn't crash
Provide a certificate with a bad issuer and check that
X509_issuer_and_serial_hash doesn't crash.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
| #
e5d4233f |
| 26-Jul-2019 |
Richard Levitte |
Deprecate ERR_get_state()
Internally, we still need this function, so we make it internal and
then add a new ERR_get_state() that simply calls the internal variant,
unless it's "remo
Deprecate ERR_get_state()
Internally, we still need this function, so we make it internal and
then add a new ERR_get_state() that simply calls the internal variant,
unless it's "removed" by configuration.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9462)
show more ...
|
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
0642931f |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in fuzz/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7833)
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
| #
710769f0 |
| 11-Aug-2017 |
Rich Salz |
Move FuzzerSetRand to separate file.
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/o
Move FuzzerSetRand to separate file.
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4141)
show more ...
|
| #
9f08a1c6 |
| 26-Jul-2017 |
Rich Salz |
Install custom RAND_METHOD for fuzzing
Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing c
Install custom RAND_METHOD for fuzzing
Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing code install its own RAND_METHOD that does this. For
BN_RAND_DEBUG, we just don't do it; that debugging was about mucking
with BN's internal representation, not requiring predictable rand
bytes.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4025)
show more ...
|
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
| #
b534df96 |
| 19-Feb-2017 |
Kurt Roeckx |
Make x509 and asn1 fuzzer reproducible
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
|
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
| #
d69d8f90 |
| 02-Dec-2016 |
Kurt Roeckx |
Make the fuzzers more reproducible
We want to be in the same global state each time we come in
FuzzerTestOneInput(). There are various reasons why we might not be that
include:
-
Make the fuzzers more reproducible
We want to be in the same global state each time we come in
FuzzerTestOneInput(). There are various reasons why we might not be that
include:
- Initialization that happens on first use. This is mostly the
RUN_ONCE() things, or loading of error strings.
- Results that get cached. For instance a stack that is sorted, RSA
blinding that has been set up, ...
So I try to trigger as much as possible in FuzzerInitialize(), and for
things I didn't find out how to trigger this it needs to happen in
FuzzerTestOneInput().
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_15 |
|
| #
ad4da7fb |
| 19-Nov-2016 |
Kurt Roeckx |
Add a FuzzerClean() function
This allows to free everything we allocated, so we can detect memory
leaks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
| #
f3e911d5 |
| 19-Nov-2016 |
Kurt Roeckx |
Fix formatting of fuzzers
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
|
|
Revision tags: OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6 |
|
| #
a05b0bcf |
| 01-Jul-2016 |
Kurt Roeckx |
Re-add x509 and crl fuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1276
|
| #
03cb37ac |
| 26-Jun-2016 |
Alex Gaynor |
Add comment about X509_print
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Kasper <emilia@openssl.org>
GH: #1255
|
|
Revision tags: OpenSSL-fips-2_0_13 |
|
| #
e1859d8d |
| 18-Jun-2016 |
Kurt Roeckx |
Add X509 and CRL fuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1229
|
