Skip to content

Commit

Permalink
Update fuzzers code to avoid coverity USE_AFTER_FREE false-positives.
Browse files Browse the repository at this point in the history
  • Loading branch information
@ni4
ni4 committed Nov 2, 2024
1 parent c349fe4 commit 6266133
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 26 deletions.
7 changes: 4 additions & 3 deletions src/fuzzing/dump.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,12 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
rnp_output_destroy(output);
rnp_input_destroy(input);

(void) rnp_input_from_memory(&input, data, size, false);
rnp_input_t input2 = NULL;
(void) rnp_input_from_memory(&input2, data, size, false);
char *json = NULL;
(void) rnp_dump_packets_to_json(input, RNP_DUMP_RAW, &json);
(void) rnp_dump_packets_to_json(input2, RNP_DUMP_RAW, &json);
rnp_buffer_destroy(json);
rnp_input_destroy(input);
rnp_input_destroy(input2);

return 0;
}
39 changes: 16 additions & 23 deletions src/fuzzing/keyimport.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,58 +39,51 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
rnp_input_t input = NULL;
rnp_result_t ret = 0;
rnp_ffi_t ffi = NULL;
uint32_t flags = RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS;

/* try non-permissive import */
ret = rnp_input_from_memory(&input, data, size, false);
ret = rnp_ffi_create(&ffi, "GPG", "GPG");
char *results = NULL;
ret = rnp_import_keys(
ffi, input, RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS, &results);
ret = rnp_import_keys(ffi, input, flags, &results);
rnp_buffer_destroy(results);
rnp_input_destroy(input);
rnp_ffi_destroy(ffi);

/* try permissive import */
ret = rnp_input_from_memory(&input, data, size, false);
rnp_input_t input2 = NULL;
ret = rnp_input_from_memory(&input2, data, size, false);
ret = rnp_ffi_create(&ffi, "GPG", "GPG");
results = NULL;
ret = rnp_import_keys(ffi,
input,
RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
RNP_LOAD_SAVE_PERMISSIVE,
&results);
ret = rnp_import_keys(ffi, input2, flags | RNP_LOAD_SAVE_PERMISSIVE, &results);
rnp_buffer_destroy(results);
rnp_input_destroy(input);
rnp_input_destroy(input2);
rnp_ffi_destroy(ffi);

/* try non-permissive iterative import */
ret = rnp_input_from_memory(&input, data, size, false);
rnp_input_t input3 = NULL;
ret = rnp_input_from_memory(&input3, data, size, false);
ret = rnp_ffi_create(&ffi, "GPG", "GPG");
flags |= RNP_LOAD_SAVE_SINGLE;
do {
results = NULL;
ret = rnp_import_keys(ffi,
input,
RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
RNP_LOAD_SAVE_SINGLE,
&results);
ret = rnp_import_keys(ffi, input3, flags, &results);
rnp_buffer_destroy(results);
} while (!ret);
rnp_input_destroy(input);
rnp_input_destroy(input3);
rnp_ffi_destroy(ffi);

/* try permissive iterative import */
ret = rnp_input_from_memory(&input, data, size, false);
rnp_input_t input4 = NULL;
ret = rnp_input_from_memory(&input4, data, size, false);
ret = rnp_ffi_create(&ffi, "GPG", "GPG");
flags |= RNP_LOAD_SAVE_PERMISSIVE;
do {
results = NULL;
ret = rnp_import_keys(ffi,
input,
RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
RNP_LOAD_SAVE_PERMISSIVE | RNP_LOAD_SAVE_SINGLE,
&results);
ret = rnp_import_keys(ffi, input4, flags, &results);
rnp_buffer_destroy(results);
} while (!ret);
rnp_input_destroy(input);
rnp_input_destroy(input4);
rnp_ffi_destroy(ffi);

return 0;
Expand Down

0 comments on commit 6266133

Please sign in to comment.