aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLasse Collin <lasse.collin@tukaani.org>2018-10-26 22:49:10 +0300
committerLasse Collin <lasse.collin@tukaani.org>2018-10-26 22:49:10 +0300
commita18ae42a79a19b1394b41eb3e238139fd28012ec (patch)
treef2394d743768860000ba45774dab932eafb87fcb
parentxzless: Rename unused variables to silence static analysers. (diff)
downloadxz-a18ae42a79a19b1394b41eb3e238139fd28012ec.tar.xz
liblzma: Don't verify header CRC32s if building for fuzz testing.
FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is #defined when liblzma is being built for fuzz testing. Most fuzzed inputs would normally get rejected because of incorrect CRC32 and the actual header decoding code wouldn't get fuzzed. Disabling CRC32 checks avoids this problem. The fuzzer program must still use LZMA_IGNORE_CHECK flag to disable verification of integrity checks of uncompressed data.
Diffstat (limited to '')
-rw-r--r--src/liblzma/common/block_header_decoder.c5
-rw-r--r--src/liblzma/common/index_decoder.c5
-rw-r--r--src/liblzma/common/index_hash.c5
-rw-r--r--src/liblzma/common/stream_flags_decoder.c10
4 files changed, 20 insertions, 5 deletions
diff --git a/src/liblzma/common/block_header_decoder.c b/src/liblzma/common/block_header_decoder.c
index 1dd982f6..730c5244 100644
--- a/src/liblzma/common/block_header_decoder.c
+++ b/src/liblzma/common/block_header_decoder.c
@@ -67,8 +67,11 @@ lzma_block_header_decode(lzma_block *block,
const size_t in_size = block->header_size - 4;
// Verify CRC32
- if (lzma_crc32(in, in_size, 0) != unaligned_read32le(in + in_size))
+ if (lzma_crc32(in, in_size, 0) != unaligned_read32le(in + in_size)) {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
return LZMA_DATA_ERROR;
+#endif
+ }
// Check for unsupported flags.
if (in[1] & 0x3C)
diff --git a/src/liblzma/common/index_decoder.c b/src/liblzma/common/index_decoder.c
index e71fc6df..b2689885 100644
--- a/src/liblzma/common/index_decoder.c
+++ b/src/liblzma/common/index_decoder.c
@@ -180,8 +180,11 @@ index_decode(void *coder_ptr, const lzma_allocator *allocator,
return LZMA_OK;
if (((coder->crc32 >> (coder->pos * 8)) & 0xFF)
- != in[(*in_pos)++])
+ != in[(*in_pos)++]) {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
return LZMA_DATA_ERROR;
+#endif
+ }
} while (++coder->pos < 4);
diff --git a/src/liblzma/common/index_hash.c b/src/liblzma/common/index_hash.c
index d7a0344b..e131fab7 100644
--- a/src/liblzma/common/index_hash.c
+++ b/src/liblzma/common/index_hash.c
@@ -313,8 +313,11 @@ lzma_index_hash_decode(lzma_index_hash *index_hash, const uint8_t *in,
return LZMA_OK;
if (((index_hash->crc32 >> (index_hash->pos * 8))
- & 0xFF) != in[(*in_pos)++])
+ & 0xFF) != in[(*in_pos)++]) {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
return LZMA_DATA_ERROR;
+#endif
+ }
} while (++index_hash->pos < 4);
diff --git a/src/liblzma/common/stream_flags_decoder.c b/src/liblzma/common/stream_flags_decoder.c
index 1bc2f97c..84f9467f 100644
--- a/src/liblzma/common/stream_flags_decoder.c
+++ b/src/liblzma/common/stream_flags_decoder.c
@@ -39,8 +39,11 @@ lzma_stream_header_decode(lzma_stream_flags *options, const uint8_t *in)
const uint32_t crc = lzma_crc32(in + sizeof(lzma_header_magic),
LZMA_STREAM_FLAGS_SIZE, 0);
if (crc != unaligned_read32le(in + sizeof(lzma_header_magic)
- + LZMA_STREAM_FLAGS_SIZE))
+ + LZMA_STREAM_FLAGS_SIZE)) {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
return LZMA_DATA_ERROR;
+#endif
+ }
// Stream Flags
if (stream_flags_decode(options, in + sizeof(lzma_header_magic)))
@@ -67,8 +70,11 @@ lzma_stream_footer_decode(lzma_stream_flags *options, const uint8_t *in)
// CRC32
const uint32_t crc = lzma_crc32(in + sizeof(uint32_t),
sizeof(uint32_t) + LZMA_STREAM_FLAGS_SIZE, 0);
- if (crc != unaligned_read32le(in))
+ if (crc != unaligned_read32le(in)) {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
return LZMA_DATA_ERROR;
+#endif
+ }
// Stream Flags
if (stream_flags_decode(options, in + sizeof(uint32_t) * 2))