Add first try at fuzzing custom mutator

author: Matt Johnston <matt@ucc.asn.au> 2020-10-25 22:52:36 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2020-10-25 22:52:36 +0800
commit: 4e8a1da551db44e5865f6a1cc28e24fc2c2bdd0f (patch)
tree: 409aebeb7bd0f03248dc0716d01a408cc09ed878 /fuzz/fuzz-common.c
parent: 754dc50b933c76ca39660fe2d9e65e35f9aef428 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/fuzz/fuzz-common.c b/fuzz/fuzz-common.c
index 065b7d9..8dddacb 100644
--- a/fuzz/fuzz-common.c
+++ b/fuzz/fuzz-common.c
@@ -256,10 +256,12 @@ int fuzz_run_preauth(const uint8_t *Data, size_t Size, int skip_kexmaths) {
     int fakesock = wrapfd_new();
 
     m_malloc_set_epoch(1);
+    fuzz.do_jmp = 1;
     if (setjmp(fuzz.jmp) == 0) {
         svr_session(fakesock, fakesock);
         m_malloc_free_epoch(1, 0);
     } else {
+        fuzz.do_jmp = 0;
         m_malloc_free_epoch(1, 1);
         TRACE(("dropbear_exit longjmped"))
         /* dropbear_exit jumped here */
@@ -302,10 +304,12 @@ int fuzz_run_client(const uint8_t *Data, size_t Size, int skip_kexmaths) {
     int fakesock = wrapfd_new();
 
     m_malloc_set_epoch(1);
+    fuzz.do_jmp = 1;
     if (setjmp(fuzz.jmp) == 0) {
         cli_session(fakesock, fakesock, NULL, 0);
         m_malloc_free_epoch(1, 0);
     } else {
+        fuzz.do_jmp = 0;
         m_malloc_free_epoch(1, 1);
         TRACE(("dropbear_exit longjmped"))
         /* dropbear_exit jumped here */
author	Matt Johnston <matt@ucc.asn.au>	2020-10-25 22:52:36 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2020-10-25 22:52:36 +0800
commit	4e8a1da551db44e5865f6a1cc28e24fc2c2bdd0f (patch)
tree	409aebeb7bd0f03248dc0716d01a408cc09ed878 /fuzz/fuzz-common.c
parent	754dc50b933c76ca39660fe2d9e65e35f9aef428 (diff)