ERR_clear_error at the end of each fuzzer.

Data allocated in one fuzzer iteration and then freed in the next complicates the leak checker. Avoid this by dropping hidden global state at the end of each run. Change-Id: Ice79704f2754a6b1f40e288df9b97ddd5b3b97d5 Reviewed-on: https://boringssl-review.googlesource.com/11600 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
2016-10-13 19:03:17 -04:00 · 2016-10-13 19:03:17 -04:00 · 4c0e6c64b6
commit 4c0e6c64b6
parent 1991af6900
8 changed files with 17 additions and 1 deletions
--- a/fuzz/cert.cc
+++ b/fuzz/cert.cc
@ -12,6 +12,7 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/x509.h>

@ -27,5 +28,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
    OPENSSL_free(der);
  }
  X509_free(x509);
+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/client.cc
+++ b/fuzz/client.cc
@ -15,6 +15,7 @@
 #include <assert.h>

 #include <openssl/bio.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
@ -290,5 +291,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  }
  SSL_free(client);

+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/pkcs8.cc
+++ b/fuzz/pkcs8.cc
@ -13,6 +13,7 @@
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 #include <openssl/bytestring.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/mem.h>

@ -34,5 +35,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  }
  CBB_cleanup(&cbb);
  EVP_PKEY_free(pkey);
+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/privkey.cc
+++ b/fuzz/privkey.cc
@ -12,9 +12,11 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <openssl/err.h>
 #include <openssl/evp.h>

 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  EVP_PKEY_free(d2i_AutoPrivateKey(NULL, &buf, len));
+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/read_pem.cc
+++ b/fuzz/read_pem.cc
@ -12,7 +12,8 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

-#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/pem.h>

@ -32,5 +33,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {

  BIO_free(bio);

+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/server.cc
+++ b/fuzz/server.cc
@ -16,6 +16,7 @@

 #include <openssl/bio.h>
 #include <openssl/dh.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
@ -289,5 +290,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  }
  SSL_free(server);

+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/spki.cc
+++ b/fuzz/spki.cc
@ -13,6 +13,7 @@
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 #include <openssl/bytestring.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/mem.h>

@ -21,6 +22,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  CBS_init(&cbs, buf, len);
  EVP_PKEY *pkey = EVP_parse_public_key(&cbs);
  if (pkey == NULL) {
+    ERR_clear_error();
    return 0;
  }

@ -34,5 +36,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
  }
  CBB_cleanup(&cbb);
  EVP_PKEY_free(pkey);
+  ERR_clear_error();
  return 0;
 }
--- a/fuzz/ssl_ctx_api.cc
+++ b/fuzz/ssl_ctx_api.cc
@ -19,6 +19,7 @@
 #include <assert.h>

 #include <openssl/bytestring.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/ssl.h>