Bug 1315193 - Fuzzing mode: ssl_Time() must return a constant value r=franziskus
authorTim Taubert <ttaubert@mozilla.com>
Fri, 04 Nov 2016 10:45:46 +0100
changeset 12802 0d3edbbcad817d09209c139ac3c014b92b05a604
parent 12801 f68614e662b2bd4980d01b2029b67fcbadfaa7a7
child 12803 683df0bf8bf6b6e0aebe22f72d0066810b337820
push id1744
push userttaubert@mozilla.com
push dateFri, 04 Nov 2016 09:46:56 +0000
reviewersfranziskus
bugs1315193
Bug 1315193 - Fuzzing mode: ssl_Time() must return a constant value r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D19
gtests/ssl_gtest/manifest.mn
gtests/ssl_gtest/ssl_fuzz_unittest.cc
gtests/ssl_gtest/ssl_gtest.gyp
lib/ssl/ssl.gyp
lib/ssl/sslnonce.c
tests/ssl_gtests/ssl_gtests.sh
--- a/gtests/ssl_gtest/manifest.mn
+++ b/gtests/ssl_gtest/manifest.mn
@@ -18,16 +18,17 @@ CPPSRCS = \
       ssl_cert_ext_unittest.cc \
       ssl_ciphersuite_unittest.cc \
       ssl_damage_unittest.cc \
       ssl_dhe_unittest.cc \
       ssl_drop_unittest.cc \
       ssl_ecdh_unittest.cc \
       ssl_ems_unittest.cc \
       ssl_extension_unittest.cc \
+      ssl_fuzz_unittest.cc \
       ssl_gtest.cc \
       ssl_hrr_unittest.cc \
       ssl_loopback_unittest.cc \
       ssl_record_unittest.cc \
       ssl_resumption_unittest.cc \
       ssl_skip_unittest.cc \
       ssl_staticrsa_unittest.cc \
       ssl_v2_client_hello_unittest.cc \
new file mode 100644
--- /dev/null
+++ b/gtests/ssl_gtest/ssl_fuzz_unittest.cc
@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ssl.h"
+#include "sslimpl.h"
+
+#include "gtest/gtest.h"
+
+namespace nss_test {
+
+#ifdef UNSAFE_FUZZER_MODE
+
+class TlsFuzzTest : public ::testing::Test {};
+
+// Ensure that ssl_Time() returns a constant value.
+TEST_F(TlsFuzzTest, Fuzz_SSL_Time_Constant) {
+  PRInt32 now = ssl_Time();
+  PR_Sleep(PR_SecondsToInterval(2));
+  EXPECT_EQ(ssl_Time(), now);
+}
+
+#endif
+
+}
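Review bot: `now` is declared `PRInt32`, but `ssl_Time()` returns `PRUint32` (see its definition in lib/ssl/sslnonce.c in this same change), so `EXPECT_EQ(ssl_Time(), now)` compares an unsigned value with a signed one and can trip sign-compare warnings. Declare it as `PRUint32 now = ssl_Time();`. The test comment could also state why the clock must be frozen, e.g. `// Fuzzing needs deterministic output, so ssl_Time() must not follow the wall clock.`, and the closing brace would read better as `}  // namespace nss_test`.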
--- a/gtests/ssl_gtest/ssl_gtest.gyp
+++ b/gtests/ssl_gtest/ssl_gtest.gyp
@@ -18,16 +18,17 @@
         'ssl_cert_ext_unittest.cc',
         'ssl_ciphersuite_unittest.cc',
         'ssl_damage_unittest.cc',
         'ssl_dhe_unittest.cc',
         'ssl_drop_unittest.cc',
         'ssl_ecdh_unittest.cc',
         'ssl_ems_unittest.cc',
         'ssl_extension_unittest.cc',
+        'ssl_fuzz_unittest.cc',
         'ssl_gtest.cc',
         'ssl_hrr_unittest.cc',
         'ssl_loopback_unittest.cc',
         'ssl_record_unittest.cc',
         'ssl_resumption_unittest.cc',
         'ssl_skip_unittest.cc',
         'ssl_staticrsa_unittest.cc',
         'ssl_v2_client_hello_unittest.cc',
--- a/lib/ssl/ssl.gyp
+++ b/lib/ssl/ssl.gyp
@@ -58,16 +58,21 @@
         [ 'ssl_enable_zlib==1', {
           'dependencies': [
             '<(DEPTH)/lib/zlib/zlib.gyp:nss_zlib'
           ],
           'defines': [
             'NSS_SSL_ENABLE_ZLIB',
           ],
         }],
+        [ 'fuzz==1', {
+          'defines': [
+            'UNSAFE_FUZZER_MODE',
+          ],
+        }],
       ],
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports',
         '<(DEPTH)/lib/freebl/freebl.gyp:freebl',
       ],
     },
     {
       'target_name': 'ssl3',
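Review bot: `UNSAFE_FUZZER_MODE` is added to this target's own `defines`, so as far as this hunk shows it reaches only the sources built by this lib/ssl target. gtests/ssl_gtest/ssl_fuzz_unittest.cc wraps its whole test in `#ifdef UNSAFE_FUZZER_MODE`, so unless the ssl_gtest target receives the define from somewhere not visible here, the new test compiles to an empty namespace and silently never runs in fuzz builds. Consider setting the define for the test target too, or in a shared config. A comment above the condition would also help, e.g. `# fuzz==1 freezes ssl_Time(); test-only, never enable for release builds`.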
--- a/lib/ssl/sslnonce.c
+++ b/lib/ssl/sslnonce.c
@@ -435,16 +435,20 @@ SSL_ClearSessionCache(void)
         UncacheSID(cache);
     UNLOCK_CACHE;
 }
 
 /* returns an unsigned int containing the number of seconds in PR_Now() */
 PRUint32
 ssl_Time(void)
 {
+#ifdef UNSAFE_FUZZER_MODE
+    return 1234;
+#endif
+
     PRUint32 myTime;
 #if defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)
     myTime = time(NULL); /* accurate until the year 2038. */
 #else
     /* portable, but possibly slower */
     PRTime now;
     PRInt64 ll;
 
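Review bot: The early `return 1234;` sits ahead of the declaration `PRUint32 myTime;`, so in a fuzz build a declaration follows a statement (rejected by strict C89 compilers) and the rest of the body becomes unreachable code. Prefer `#ifdef UNSAFE_FUZZER_MODE` / `return 1234;` / `#else`, with the matching `#endif` placed just before the function's closing brace, which lies outside this hunk. The header comment should also say that under UNSAFE_FUZZER_MODE the function returns a fixed value, because any caller that uses it for time-based checks then sees a frozen clock.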
--- a/tests/ssl_gtests/ssl_gtests.sh
+++ b/tests/ssl_gtests/ssl_gtests.sh
@@ -122,17 +122,18 @@ ssl_gtest_start()
   if [ ! -f ${BINDIR}/ssl_gtest ]; then
     html_unknown "Skipping ssl_gtest (not built)"
     return
   fi
 
   SSLGTESTREPORT="${SSLGTESTDIR}/report.xml"
   PARSED_REPORT="${SSLGTESTDIR}/report.parsed"
   echo "executing ssl_gtest"
-  ${BINDIR}/ssl_gtest -d "${SSLGTESTDIR}" --gtest_output=xml:"${SSLGTESTREPORT}"
+  ${BINDIR}/ssl_gtest -d "${SSLGTESTDIR}" --gtest_output=xml:"${SSLGTESTREPORT}" \
+                                          --gtest_filter="${GTESTFILTER-*}"
   html_msg $? 0 "ssl_gtest run successfully"
   echo "executing sed to parse the xml report"
   sed -f ${COMMON}/parsegtestreport.sed "${SSLGTESTREPORT}" > "${PARSED_REPORT}"
   echo "processing the parsed report"
   cat "${PARSED_REPORT}" | while read result name; do
     if [ "$result" = "notrun" ]; then
       echo "$name" SKIPPED
     elif [ "$result" = "run" ]; then
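Review bot: `${GTESTFILTER-*}` substitutes `*` only when GTESTFILTER is unset; if the variable is set but empty, the binary is run with an empty `--gtest_filter=`. Depending on the googletest version, an empty filter may select no tests at all, and the following `html_msg $? 0` would still report a successful run. Using `--gtest_filter="${GTESTFILTER:-*}"` covers both the unset and the empty case. ssl_gtest_start's body continues outside this hunk.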