Skip to content

Commit

Permalink
minor fixes + random password generation was implemented
Browse files Browse the repository at this point in the history
  • Loading branch information
nmlsg committed Sep 15, 2023
1 parent da37e93 commit f0c5e22
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 7 deletions.
9 changes: 4 additions & 5 deletions regress/zip_write_encrypt_aes256_file_fuzzer.cc
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ extern "C"

/**
This fuzzing target takes input data, creates a ZIP archive, load it to a buffer, adds a file to it
with AES-128 encryption and a specified password, and then closes and removes the archive.
with AES-256 encryption and a specified password, and then closes and removes the archive.
The purpose of this fuzzer is to test security of ZIP archive handling and encryption in the libzip
by subjecting it to various inputs, including potentially malicious or malformed data of different file types.
Expand All @@ -27,8 +27,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
zip_file_t* f;

std::string path = random_string(20) + "_aes256"+ ".zip";
const char *password = "secretpassword";
const char * file = "file";
const char *password = random_string(20).c_str();
const char * file = random_string(20).c_str();
int error = 0;
struct zip *archive = zip_open(path.c_str(), ZIP_CREATE, &error);

Expand All @@ -46,9 +46,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
printf("failed to add file to archive: %s\n",zip_strerror(archive));
return -1;
}
zip_file_set_encryption(archive, index, ZIP_EM_AES_128, password);
zip_file_set_encryption(archive, index, ZIP_EM_AES_256, password);
zip_close(archive);
//fclose
std::remove(path.c_str());

return 0;
Expand Down
4 changes: 2 additions & 2 deletions regress/zip_write_encrypt_pkware_file_fuzzer.cc
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
zip_file_t* f;

std::string path = random_string(20) + "_pkware"+ ".zip";
const char *password = "secretpassword";
const char * file = "file";
const char *password = random_string(20).c_str();
const char * file = random_string(20).c_str();
int error = 0;
struct zip *archive = zip_open(path.c_str(), ZIP_CREATE, &error);

Expand Down

0 comments on commit f0c5e22

Please sign in to comment.