From: Mike Aizatsky <aizatsky@google.com>
Date: Wed, 26 Oct 2016 20:56:39 +0000 (-0700)
Subject: [fuzzers] do not fail fuzzers with empty input
X-Git-Tag: OpenSSL_1_1_1-pre1~3300
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ba7407002d899b614d4728da9004594f947ff3da;p=openssl

[fuzzers] do not fail fuzzers with empty input

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1788
---

diff --git a/fuzz/cms.c b/fuzz/cms.c
index f97173add3..94390e7c91 100644
--- a/fuzz/cms.c
+++ b/fuzz/cms.c
@@ -22,8 +22,12 @@ int FuzzerInitialize(int *argc, char ***argv) {
 
 int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
     CMS_ContentInfo *i;
-    BIO *in = BIO_new(BIO_s_mem());
+    BIO *in;
+    if (!len) {
+        return 0;
+    }
 
+    in = BIO_new(BIO_s_mem());
     OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);
     i = d2i_CMS_bio(in, NULL);
     CMS_ContentInfo_free(i);
diff --git a/fuzz/server.c b/fuzz/server.c
index 0076306db9..35449d8caa 100644
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -217,6 +217,12 @@ int FuzzerInitialize(int *argc, char ***argv) {
 }
 
 int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
+    SSL *server;
+    BIO *in;
+    BIO *out;
+    if (!len) {
+        return 0;
+    }
     /* TODO: make this work for OpenSSL. There's a PREDICT define that may do
      * the job.
      * TODO: use the ossltest engine (optionally?) to disable crypto checks.
@@ -224,9 +230,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
      */
 
     /* This only fuzzes the initial flow from the client so far. */
-    SSL *server = SSL_new(ctx);
-    BIO *in = BIO_new(BIO_s_mem());
-    BIO *out = BIO_new(BIO_s_mem());
+    server = SSL_new(ctx);
+    in = BIO_new(BIO_s_mem());
+    out = BIO_new(BIO_s_mem());
     SSL_set_bio(server, in, out);
     SSL_set_accept_state(server);
     OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);