don't longjmp for fuzzer-preauth (temporary to debug asan)

--HG-- branch : fuzz
2025-04-22 07:05:13 +00:00 · 2017-05-30 22:50:52 +08:00 · 2017-05-30 22:50:52 +08:00 · ea0e23c172
commit ea0e23c172
parent 4d07aa315b
1 changed files with 20 additions and 16 deletions
--- a/fuzzer-preauth.c
+++ b/fuzzer-preauth.c
@ -19,35 +19,39 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 		return 0;
 	}

-    // get prefix. input format is
-    // string prefix
-    //     uint32 wrapfd seed
-    //     ... to be extended later
-    // [bytes] ssh input stream
+	// get prefix. input format is
+	// string prefix
+	//     uint32 wrapfd seed
+	//     ... to be extended later
+	// [bytes] ssh input stream

-    // be careful to avoid triggering buffer.c assertions
-    if (fuzz.input->len < 8) {
-        return 0;
-    }
-    size_t prefix_size = buf_getint(fuzz.input);
-    if (prefix_size != 4) {
-        return 0;
-    }
-    uint32_t wrapseed = buf_getint(fuzz.input);
-    wrapfd_setseed(wrapseed);
+	// be careful to avoid triggering buffer.c assertions
+	if (fuzz.input->len < 8) {
+		return 0;
+	}
+	size_t prefix_size = buf_getint(fuzz.input);
+	if (prefix_size != 4) {
+		return 0;
+	}
+	uint32_t wrapseed = buf_getint(fuzz.input);
+	wrapfd_setseed(wrapseed);

 	int fakesock = 20;
 	wrapfd_add(fakesock, fuzz.input, PLAIN);

 	m_malloc_set_epoch(1);
+	// temporarily disable setjmp to debug asan segv
+	svr_session(fakesock, fakesock);
+	#if 0
 	if (setjmp(fuzz.jmp) == 0) {
 		svr_session(fakesock, fakesock);
-        m_malloc_free_epoch(1, 0);
+		m_malloc_free_epoch(1, 0);
 	} else {
 		m_malloc_free_epoch(1, 1);
 		TRACE(("dropbear_exit longjmped"))
 		// dropbear_exit jumped here
 	}
+	#endif

 	return 0;
 }