1*6777b538SAndroid Build Coastguard Worker // Copyright 2017 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker
5*6777b538SAndroid Build Coastguard Worker #include <stddef.h>
6*6777b538SAndroid Build Coastguard Worker #include <stdint.h>
7*6777b538SAndroid Build Coastguard Worker
8*6777b538SAndroid Build Coastguard Worker #include <fuzzer/FuzzedDataProvider.h>
9*6777b538SAndroid Build Coastguard Worker
10*6777b538SAndroid Build Coastguard Worker #include <string>
11*6777b538SAndroid Build Coastguard Worker #include <vector>
12*6777b538SAndroid Build Coastguard Worker
13*6777b538SAndroid Build Coastguard Worker #include "base/containers/span.h"
14*6777b538SAndroid Build Coastguard Worker #include "net/ntlm/ntlm_client.h"
15*6777b538SAndroid Build Coastguard Worker #include "net/ntlm/ntlm_test_data.h"
16*6777b538SAndroid Build Coastguard Worker
ConsumeRandomLengthString16(FuzzedDataProvider & data_provider,size_t max_chars)17*6777b538SAndroid Build Coastguard Worker std::u16string ConsumeRandomLengthString16(FuzzedDataProvider& data_provider,
18*6777b538SAndroid Build Coastguard Worker size_t max_chars) {
19*6777b538SAndroid Build Coastguard Worker std::string bytes = data_provider.ConsumeRandomLengthString(max_chars * 2);
20*6777b538SAndroid Build Coastguard Worker return std::u16string(reinterpret_cast<const char16_t*>(bytes.data()),
21*6777b538SAndroid Build Coastguard Worker bytes.size() / 2);
22*6777b538SAndroid Build Coastguard Worker }
23*6777b538SAndroid Build Coastguard Worker
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)24*6777b538SAndroid Build Coastguard Worker extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
25*6777b538SAndroid Build Coastguard Worker FuzzedDataProvider fdp(data, size);
26*6777b538SAndroid Build Coastguard Worker bool is_v2 = fdp.ConsumeBool();
27*6777b538SAndroid Build Coastguard Worker uint64_t client_time = fdp.ConsumeIntegral<uint64_t>();
28*6777b538SAndroid Build Coastguard Worker net::ntlm::NtlmClient client((net::ntlm::NtlmFeatures(is_v2)));
29*6777b538SAndroid Build Coastguard Worker
30*6777b538SAndroid Build Coastguard Worker // Generate the input strings and challenge message. The strings will have a
31*6777b538SAndroid Build Coastguard Worker // maximum length 1 character longer than the maximum that |NtlmClient| will
32*6777b538SAndroid Build Coastguard Worker // accept to allow exploring the error cases.
33*6777b538SAndroid Build Coastguard Worker std::u16string domain =
34*6777b538SAndroid Build Coastguard Worker ConsumeRandomLengthString16(fdp, net::ntlm::kMaxFqdnLen + 1);
35*6777b538SAndroid Build Coastguard Worker std::u16string username =
36*6777b538SAndroid Build Coastguard Worker ConsumeRandomLengthString16(fdp, net::ntlm::kMaxUsernameLen + 1);
37*6777b538SAndroid Build Coastguard Worker std::u16string password =
38*6777b538SAndroid Build Coastguard Worker ConsumeRandomLengthString16(fdp, net::ntlm::kMaxPasswordLen + 1);
39*6777b538SAndroid Build Coastguard Worker std::string hostname =
40*6777b538SAndroid Build Coastguard Worker fdp.ConsumeRandomLengthString(net::ntlm::kMaxFqdnLen + 1);
41*6777b538SAndroid Build Coastguard Worker std::string channel_bindings = fdp.ConsumeRandomLengthString(150);
42*6777b538SAndroid Build Coastguard Worker std::string spn =
43*6777b538SAndroid Build Coastguard Worker fdp.ConsumeRandomLengthString(net::ntlm::kMaxFqdnLen + 5 + 1);
44*6777b538SAndroid Build Coastguard Worker std::vector<uint8_t> challenge_msg_bytes =
45*6777b538SAndroid Build Coastguard Worker fdp.ConsumeRemainingBytes<uint8_t>();
46*6777b538SAndroid Build Coastguard Worker
47*6777b538SAndroid Build Coastguard Worker client.GenerateAuthenticateMessage(
48*6777b538SAndroid Build Coastguard Worker domain, username, password, hostname, channel_bindings, spn, client_time,
49*6777b538SAndroid Build Coastguard Worker net::ntlm::test::kClientChallenge, base::make_span(challenge_msg_bytes));
50*6777b538SAndroid Build Coastguard Worker return 0;
51*6777b538SAndroid Build Coastguard Worker }
52