mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-04-05 05:27:39 +03:00
Code Issues Projects Releases Packages Wiki Activity

Add fuzz test support

Browse source 
Describe how to invoke the AFL fuzz tester on the KeePassXC
CLI tool. As suggested in #2729.

Fuzz test build of keepassxc-cli takes database password from
environment variable instead of requiring it to be empty.
Provide two empty kdbx files as initial fuzzer input, one
kdbx 3 and one kdbx 4, both with minimal number of decryption
rounds to speed up the test.
This commit is contained in:
Wolfram Rösler 2020-04-21 23:36:31 +02:00 committed by Jonathan White
parent 48d9fb3e79
commit 34b44e7496
4 changed files with 75 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/cli/Utils.cpp
View file

@ -191,6 +191,12 @@ namespace Utils
*/
QString getPassword(bool quiet)
{
#ifdef __AFL_COMPILER
// Fuzz test build takes password from environment variable to
// allow non-interactive operation
const auto env = getenv("KEYPASSXC_AFL_PASSWORD");
return env ? env : "";
#else
auto& in = STDIN;
auto& out = quiet ? DEVNULL : STDERR;
@ -200,6 +206,7 @@ namespace Utils
out << endl;
return line;
#endif // __AFL_COMPILER
}
/**