
Fuzzing improvements

Open arcz opened this issue 2 years ago • 0 comments

This commit consists of fuzzing improvements from the Trail of Bits audit that we want to contribute.

Summary of changes:

  • harnesses moved from oss-fuzz to this repository
  • fixed the harnesses so they build with the current code
  • expanded coverage of the existing harnesses
  • added two new harnesses: fuzz_mss and fuzz_parse_argv
  • changed OpenVPN code to use the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION macro instead of ad-hoc patching, as recommended by the libFuzzer documentation
  • added a simple Python script to run fuzzing straight from the OpenVPN repo and to generate coverage reports

After integrating those changes we recommend doing the following next steps:

  • integrate building harnesses into CI to ensure they don't break with OpenVPN code changes
  • update the OpenVPN project in oss-fuzz to use the harnesses from OpenVPN repository

arcz · Dec 29 '22 18:12
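The macro pattern the description refers to, as an added illustration that is not OpenVPN's code nor part of this PR: `split_argv` and `session_id` are hypothetical stand-ins, and the harness shows how code that is nondeterministic in production is made reproducible under a libFuzzer build (`-fsanitize=fuzzer` defines `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION`) without patching the source tree.

```c
/* Added example (hypothetical code, not from OpenVPN): a libFuzzer-style
 * harness for an argv splitter, with the production/fuzzing split done via
 * the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION macro instead of ad-hoc patches. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define MAX_ARGS 16

/* Hypothetical helper: random in production, but fixed under a fuzzing build
 * so that every crash reproduces from the saved input alone.  The #ifdef is
 * the only place fuzzing-specific behaviour lives; nothing else is patched. */
uint32_t session_id(void)
{
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    return 0x1234u;                 /* deterministic; never compiled into a release */
#else
    return (uint32_t)time(NULL) ^ (uint32_t)rand();
#endif
}

/* Hypothetical target: split a NUL-terminated string on spaces, in place,
 * into at most max_args pointers.  Returns the number of arguments found. */
int split_argv(char *buf, char **argv, int max_args)
{
    int argc = 0;
    char *p = buf;
    while (*p && argc < max_args) {
        while (*p == ' ') p++;          /* skip runs of separators */
        if (!*p) break;
        argv[argc++] = p;
        while (*p && *p != ' ') p++;    /* advance to end of token */
        if (*p) *p++ = '\0';
    }
    return argc;
}

/* libFuzzer entry point: the fuzzer calls this once per generated input.
 * The input is copied into a NUL-terminated buffer so the target sees the
 * same contract it has in production (a C string), then parsed. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    char *argv[MAX_ARGS];
    char *buf = malloc(size + 1);
    if (!buf) return 0;
    memcpy(buf, data, size);
    buf[size] = '\0';
    (void)split_argv(buf, argv, MAX_ARGS);
    (void)session_id();
    free(buf);
    return 0;
}
```

Build the harness with `clang -fsanitize=fuzzer,address` and no extra `-D` flag is needed; the same source compiles into the production binary with the real `session_id` path.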