author | Matt Johnston <matt@ucc.asn.au> | 2020-12-03 22:18:51 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2020-12-03 22:18:51 +0800 |
commit | 2c64335d9cfab7674ff5c247208abb4661335c43 (patch) | |
tree | e9967a8934592cb19c312492b430dabddcca6a9d /fuzz | |
parent | 286b6b9f80b901528394fabb23a26a0c67dc8f88 (diff) |
fuzz: make postauth set authdone properly
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/fuzz-common.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/fuzz/fuzz-common.c b/fuzz/fuzz-common.c
index 4a9634a..b43ba9b 100644
--- a/fuzz/fuzz-common.c
+++ b/fuzz/fuzz-common.c
@@ -102,6 +102,13 @@ void fuzz_svr_setup(void) {
 load_fixed_hostkeys();
 }
+void fuzz_svr_hook_preloop() {
+ if (fuzz.svr_postauth) {
+ ses.authstate.authdone = 1;
+ fill_passwd("root");
+ }
+}
+
 void fuzz_cli_setup(void) {
 fuzz_common_setup();
@@ -242,7 +249,7 @@ struct dropbear_progress_connection *fuzz_connect_remote(const char* UNUSED(remo
 return NULL;
 }
-int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int authdone) {
+int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int postauth) {
 static int once = 0;
 if (!once) {
 fuzz_svr_setup();
@@ -250,6 +257,8 @@ int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int aut
 once = 1;
 }
+ fuzz.svr_postauth = postauth;
+
 if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) {
 return 0;
 }
@@ -260,11 +269,6 @@ int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int aut
 int fakesock = wrapfd_new_fuzzinput();
- if (authdone) {
- ses.authstate.authdone = 1;
- fill_passwd("root");
- }
-
 m_malloc_set_epoch(1);
 fuzz.do_jmp = 1;
 if (setjmp(fuzz.jmp) == 0) { |
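Review bot: `fuzz_svr_hook_preloop()` in the first hunk is declared with empty parentheses, while the neighbouring `fuzz_svr_setup(void)` and `fuzz_cli_setup(void)` use a real prototype; write `void fuzz_svr_hook_preloop(void) {` so a call with arguments is rejected at compile time. The hook marks the session as authenticated and loads the root passwd entry with no credential check, so it deserves a comment such as `/* Fuzzing only: skips authentication when the harness requested post-auth coverage; must never be reachable in a non-fuzz build */`. Its call site is not visible in this diff and should presumably sit under the fuzzing build guard. The hook only ever sets `authdone`, so whether a later run with `postauth == 0` in the same process starts from a cleared `ses.authstate` depends on session setup outside these hunks and is worth confirming.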