fix uninitialised memory in fuzzer codepath

Matt Johnston 2018-03-06 22:02:19 +08:00
parent a60725740b
commit 4fd3160179


@ -364,9 +364,11 @@ static int checkmac() {
#if DROPBEAR_FUZZ
if (fuzz.fuzzing) {
/* fail 1 in 2000 times to test error path.
note that mac_bytes is all zero prior to kex, so don't test ==0 ! */
unsigned int value = *((unsigned int*)&mac_bytes);
/* fail 1 in 2000 times to test error path. */
unsigned int value = 0;
if (mac_size > sizeof(value)) {
memcpy(&value, mac_bytes, sizeof(value));
}
if (value % 2000 == 99) {
return DROPBEAR_FAILURE;
}
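Review bot: The length guard `if (mac_size > sizeof(value))` uses a strict comparison, so a MAC of exactly `sizeof(value)` bytes is never copied and `value` stays 0 even though enough bytes are available. `if (mac_size >= sizeof(value))` looks like the intended bound, assuming mac_size counts the valid bytes in mac_bytes (both are declared outside the hunk). The rewritten comment also drops the reason the failure case is `== 99` rather than `== 0`: `value` is now 0 whenever the copy is skipped, so I would keep a line such as `/* value stays 0 when no MAC bytes are copied, so the failure case must not be 0 */`. checkmac() starts and ends outside the hunk.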