| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <assert.h> |
| 6 #include <stddef.h> |
| 7 #include <stdint.h> |
| 8 |
| 9 #include <algorithm> |
| 10 #include <vector> |
| 11 |
| 12 #include "third_party/libsrtp/srtp/include/rtp.h" |
| 13 #include "third_party/libsrtp/srtp/include/rtp_priv.h" |
| 14 #include "third_party/libsrtp/srtp/include/srtp.h" |
| 15 |
| 16 // TODO(katrielc) Also test the authenticated path, which is what |
| 17 // WebRTC uses. This is nontrivial because you need to bypass the MAC |
| 18 // check. Two options: add a UNSAFE_FUZZER_MODE flag to libsrtp (or |
| 19 // the chromium fork of it), or compute the HMAC of whatever gibberish |
| 20 // the fuzzer produces and write it into the packet manually. |
| 21 |
| 22 namespace LibSrtpFuzzer { |
| 23 enum CryptoPolicy { |
| 24 NONE, |
| 25 LIKE_WEBRTC, |
| 26 LIKE_WEBRTC_WITHOUT_AUTH, |
| 27 AES_GCM, |
| 28 NUMBER_OF_POLICIES, |
| 29 }; |
| 30 } |
| 31 |
| 32 struct Environment { |
| 33 srtp_policy_t GetCryptoPolicy(LibSrtpFuzzer::CryptoPolicy crypto_policy, |
| 34 const unsigned char* replacement_key) { |
| 35 switch (crypto_policy) { |
| 36 case LibSrtpFuzzer::NUMBER_OF_POLICIES: |
| 37 case LibSrtpFuzzer::NONE: |
| 38 crypto_policy_set_null_cipher_null_auth(&policy.rtp); |
| 39 crypto_policy_set_null_cipher_null_auth(&policy.rtcp); |
| 40 break; |
| 41 case LibSrtpFuzzer::LIKE_WEBRTC: |
| 42 crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp); |
| 43 crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); |
| 44 case LibSrtpFuzzer::LIKE_WEBRTC_WITHOUT_AUTH: |
| 45 crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); |
| 46 crypto_policy_set_aes_cm_128_null_auth(&policy.rtcp); |
| 47 break; |
| 48 case LibSrtpFuzzer::AES_GCM: |
| 49 // There was a security bug in the GCM mode in libsrtp 1.5.2. |
| 50 crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); |
| 51 crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); |
| 52 break; |
| 53 } |
| 54 |
| 55 memcpy(key, replacement_key, SRTP_MASTER_KEY_LEN); |
| 56 return policy; |
| 57 }; |
| 58 |
| 59 Environment() { |
| 60 srtp_init(); |
| 61 |
| 62 memset(&policy, 0, sizeof(policy)); |
| 63 policy.allow_repeat_tx = 1; |
| 64 policy.ekt = nullptr; |
| 65 policy.key = key; |
| 66 policy.next = nullptr; |
| 67 policy.ssrc.type = ssrc_any_inbound; |
| 68 policy.ssrc.value = 0xdeadbeef; |
| 69 policy.window_size = 1024; |
| 70 } |
| 71 |
| 72 private: |
| 73 srtp_policy_t policy; |
| 74 unsigned char key[SRTP_MASTER_KEY_LEN] = {0}; |
| 75 |
| 76 static void crypto_policy_set_null_cipher_null_auth(crypto_policy_t* p) { |
| 77 p->cipher_type = NULL_CIPHER; |
| 78 p->cipher_key_len = 0; |
| 79 p->auth_type = NULL_AUTH; |
| 80 p->auth_key_len = 0; |
| 81 p->auth_tag_len = 0; |
| 82 p->sec_serv = sec_serv_none; |
| 83 }; |
| 84 }; |
| 85 |
| 86 size_t ReadLength(const uint8_t* data, size_t size) { |
| 87 // Read one byte of input and interpret it as a length to read from |
| 88 // data. Don't return more bytes than are available. |
| 89 size_t n = static_cast<size_t>(data[0]); |
| 90 return std::min(n, size - 1); |
| 91 } |
| 92 |
| 93 Environment* env = new Environment(); |
| 94 |
| 95 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
| 96 // Read one byte and use it to choose a crypto policy. |
| 97 if (size <= 1) |
| 98 return 0; |
| 99 LibSrtpFuzzer::CryptoPolicy policy = static_cast<LibSrtpFuzzer::CryptoPolicy>( |
| 100 data[0] % LibSrtpFuzzer::NUMBER_OF_POLICIES); |
| 101 data += 1; |
| 102 size -= 1; |
| 103 |
| 104 // Read some more bytes to use as a key. |
| 105 if (size <= SRTP_MASTER_KEY_LEN) |
| 106 return 0; |
| 107 srtp_policy_t srtp_policy = env->GetCryptoPolicy(policy, data); |
| 108 data += SRTP_MASTER_KEY_LEN; |
| 109 size -= SRTP_MASTER_KEY_LEN; |
| 110 |
| 111 srtp_t session; |
| 112 err_status_t error = srtp_create(&session, &srtp_policy); |
| 113 assert(error == err_status_ok); |
| 114 |
| 115 // Read one byte as a packet length N, then feed the next N bytes |
| 116 // into srtp_unprotect. Keep going until we run out of data. |
| 117 size_t packet_size; |
| 118 while (size > 0 && (packet_size = ReadLength(data, size)) > 0) { |
| 119 // One byte was used by ReadLength. |
| 120 data++; |
| 121 size--; |
| 122 |
| 123 size_t header_size = std::min(sizeof(srtp_hdr_t), packet_size); |
| 124 size_t body_size = packet_size - header_size; |
| 125 |
| 126 // We deliberately do not initialise this struct. MSAN will catch |
| 127 // usage of the uninitialised memory. |
| 128 rtp_msg_t message; |
| 129 memcpy(&message.header, data, header_size); |
| 130 memcpy(&message.body, data + header_size, body_size); |
| 131 |
| 132 int out_len = static_cast<int>(packet_size); |
| 133 srtp_unprotect(session, &message, &out_len); |
| 134 |
| 135 // |packet_size| bytes were used above. |
| 136 data += packet_size; |
| 137 size -= packet_size; |
| 138 } |
| 139 |
| 140 srtp_dealloc(session); |
| 141 return 0; |
| 142 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2123553002:
Add a fuzzer for srtp_unprotect in libsrtp. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master