diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2017-05-20 13:23:16 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2017-05-20 13:23:16 +0800 |
| commit | fdc6f323923b36add7ab7112b1b4d05368bd5902 (patch) | |
| tree | 0eb315924b21f11431f5195cfc7e6bab2aa4b6e2 /packet.c | |
| parent | e7cdb2ebe5982e4fd881d9ee1e472ad922237b07 (diff) | |
closer to working
--HG--
branch : fuzz
Diffstat (limited to 'packet.c')
| -rw-r--r-- | packet.c | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -36,7 +36,6 @@ #include "channel.h" #include "netio.h" #include "runopts.h" -#include "fuzz.h" static int read_packet_init(void); static void make_mac(unsigned int seqno, const struct key_context_directional * key_state, @@ -371,6 +370,17 @@ static int checkmac() { buf_setpos(ses.readbuf, 0); make_mac(ses.recvseq, &ses.keys->recv, ses.readbuf, contents_len, mac_bytes); +#ifdef DROPBEAR_FUZZ + if (fuzz.fuzzing) { + // fail 1 in 1000 times to test error path + unsigned int value = *((unsigned int*)&mac_bytes); + if (value % 1000 == 0) { + return DROPBEAR_FAILURE; + } + return DROPBEAR_SUCCESS; + } +#endif + /* compare the hash */ buf_setpos(ses.readbuf, contents_len); if (constant_time_memcmp(mac_bytes, buf_getptr(ses.readbuf, mac_size), mac_size) != 0) { |