crashers found by `go-fuzz`
dgryski opened this issue
I ran https://github.com/dvyukov/go-fuzz for 20 minutes on my laptop, using the two test cases as seeds. I found two crashers. I've put them here. https://gist.github.com/671299f5b190c5229ca7
The fixes should probably be merged into the pending CL https://go-review.googlesource.com/#/c/11986/ . We should also check if this bug affects github.com/cloudflare/cfssl/ , which includes a copy of this code.
We could probably use a bit more fuzzing on a bigger computer for a longer period of time.
Just realized I needed to add the fuzzing framework too. I've pushed that to the gist too as fuzz.go.
@dgryski Paul, the repo owner, is currently on vacation and will be back on Aug 24. I guess until he comes back we cannot update the CL. Just giving a heads up. 😄
I will have some time Thurs or Fri to look at this.
The patches from @agl in https://go-review.googlesource.com/#/c/11986/ look like they fix these.
Yes, he cleaned it up quite a bit. :-) Thanks for commenting on that review. I'll leave this issue open, but I propose we don't fix it unless the crypto PR doesn't make the cut eventually.
I've confirmed that the current version of the code on Gerrit doesn't crash for these inputs, and I'm going to leave go-fuzz running for a little while to see if it finds anything more here.
Awesome. I'll close the issue here.
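For readers who have not used go-fuzz, the following is an added example of what a harness like the fuzz.go mentioned in this thread looks like. It is not the fuzz.go from the gist and does not touch the code under review: the parser being fuzzed is a constructed toy (a 2-byte big-endian length prefix followed by a payload) written here to show the class of crasher go-fuzz typically reports, an out-of-range panic on truncated input, next to the bounds-checked form that turns the panic into an error. Only the `Fuzz(data []byte) int` entry point and its return-value convention are go-fuzz's own; `parseNaive`, `parseChecked`, `Record` and `crashes` are hypothetical names introduced for this example.

```go
// Added example: a go-fuzz style harness over a constructed toy parser.
// Not the fuzz.go from the issue's gist, and not the code under review.
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

// Record is the constructed toy format: 2-byte big-endian length, then that many payload bytes.
type Record struct {
	Payload []byte
}

// parseNaive trusts the length field, the bug pattern behind most go-fuzz crashers:
// both indexing operations panic on short or truncated input.
func parseNaive(data []byte) Record {
	n := int(binary.BigEndian.Uint16(data)) // panics when len(data) < 2
	return Record{Payload: data[2 : 2+n]}   // panics when the payload is truncated
}

// parseChecked is the hardened form: every read is bounds-checked and failures are errors.
func parseChecked(data []byte) (Record, error) {
	if len(data) < 2 {
		return Record{}, errors.New("short header")
	}
	n := int(binary.BigEndian.Uint16(data))
	if len(data)-2 < n {
		return Record{}, fmt.Errorf("payload truncated: want %d bytes, have %d", n, len(data)-2)
	}
	return Record{Payload: data[2 : 2+n]}, nil
}

// Fuzz is the entry point go-fuzz-build looks for. go-fuzz calls it with inputs mutated
// from the seed corpus; a panic inside is recorded as a crasher. Return 1 to tell go-fuzz
// the input was interesting (parsed successfully, worth mutating further), -1 to keep it
// out of the corpus, and 0 otherwise. go-fuzz normally targets a library package; it lives
// in package main here only so the example runs stand-alone.
func Fuzz(data []byte) int {
	rec, err := parseChecked(data)
	if err != nil {
		return 0
	}
	// Re-encode and compare: a mismatch is a parser bug worth surfacing as a crasher.
	out := make([]byte, 2+len(rec.Payload))
	binary.BigEndian.PutUint16(out, uint16(len(rec.Payload)))
	copy(out[2:], rec.Payload)
	if !bytes.Equal(out, data[:len(out)]) {
		panic("round-trip mismatch")
	}
	return 1
}

// crashes reports whether parseNaive panics on data, i.e. whether go-fuzz would
// have written data into its crashers/ directory for the naive parser.
func crashes(data []byte) (crashed bool) {
	defer func() {
		if recover() != nil {
			crashed = true
		}
	}()
	parseNaive(data)
	return false
}

func main() {
	// Constructed inputs: two crashers for the naive parser and one well-formed record.
	for _, in := range [][]byte{{}, {0x00, 0x05, 'a', 'b'}, {0x00, 0x02, 'o', 'k'}} {
		fmt.Printf("%x naive-panics=%v fuzz=%d\n", in, crashes(in), Fuzz(in))
		if _, err := parseChecked(in); err != nil {
			fmt.Println("  checked:", err)
		}
	}
}
```

With a real target you would point go-fuzz-build at the package containing `Fuzz`, drop the known-good inputs (the two test cases used as seeds in this thread) into `workdir/corpus/`, and run `go-fuzz -bin=<pkg>-fuzz.zip -workdir=workdir`; anything that panics lands in `workdir/crashers/` together with the input bytes and the stack trace, which is what the gist in this thread contains.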