Closed Bug 2025098 Opened 1 month ago Closed 25 days ago

Improve PKCS12 fuzz target

Categories

(NSS :: Test, task)

Product:
NSS
Component:
Test
Type:
task

Tracking

(nss 3.123)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
nss --- 3.123

People

(Reporter: mdauer, Assigned: mdauer)

Details

Attachments

(2 files)

Bug 2025098 - Part 1: Simplify fuzzer MAC verification to always pass, r?djackson,#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review
Bug 2025098 - Part 2: Always return unique nickname for PKCS12 fuzzer, r?djackson,#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review

After investigating Bug 2008112, there are two possible improvements:

  • In UNSAFE_FUZZER_MODE, the MAC verifier should always accept inputs. I don't think there is any benefit in us rejecting ~50% of inputs.
  • The nickname callback should always return a unique nickname, making sure that we don't exit early.
Group: crypto-core-security
Keywords: sec-other
Attachment #9556047 - Attachment description: (secure) → Bug 2025098 - Part 1: Simplify fuzzer MAC verification to always pass, r?djackson,#nss-reviewers
Attachment #9556048 - Attachment description: (secure) → Bug 2025098 - Part 2: Always return unique nickname for PKCS12 fuzzer, r?djackson,#nss-reviewers

Pushed by djackson@mozilla.com:
https://hg.mozilla.org/projects/nss/rev/34d1c9853211
Part 1: Simplify fuzzer MAC verification to always pass, r=djackson,nss-reviewers
https://hg.mozilla.org/projects/nss/rev/9ff1e09b5278
Part 2: Always return unique nickname for PKCS12 fuzzer, r=djackson,nss-reviewers

Status: ASSIGNED → RESOLVED
Closed: 25 days ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: