The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 152 | 152 |
1 :
['buf_put_dss_pub_key'] |
356 | 421 | buf_put_pub_key | call site: 00128 | /src/dropbear/src/signkey.c:427 |
| 152 | 152 |
1 :
['buf_put_rsa_pub_key'] |
204 | 269 | buf_put_pub_key | call site: 00129 | /src/dropbear/src/signkey.c:432 |
| 99 | 99 |
1 :
['load_banner'] |
176 | 194 | svr_getopts | call site: 00000 | /src/dropbear/src/svr-runopts.c:394 |
| 53 | 71 |
3 :
['exit', 'm_free_direct', 'sign_key_free'] |
53 | 71 | svr_dropbear_exit | call site: 00000 | /src/dropbear/src/svr-session.c:294 |
| 52 | 65 |
2 :
['buf_put_ecdsa_pub_key', 'signkey_key_ptr'] |
52 | 114 | buf_put_pub_key | call site: 00178 | /src/dropbear/src/signkey.c:437 |
| 21 | 21 |
1 :
['parse_recv_window'] |
75 | 91 | svr_getopts | call site: 00000 | /src/dropbear/src/svr-runopts.c:410 |
| 20 | 29 |
2 :
['m_mp_free_multi', 'm_free_direct'] |
20 | 29 | dss_key_free | call site: 00000 | /src/dropbear/src/dss.c:125 |
| 20 | 29 |
2 :
['m_mp_free_multi', 'm_free_direct'] |
20 | 29 | rsa_key_free | call site: 00000 | /src/dropbear/src/rsa.c:146 |
| 20 | 20 |
1 :
['m_mp_free_multi'] |
20 | 20 | buf_get_dss_priv_key | call site: 00000 | /src/dropbear/src/dss.c:113 |
| 20 | 20 |
1 :
['m_mp_free_multi'] |
20 | 20 | buf_get_rsa_priv_key | call site: 00000 | /src/dropbear/src/rsa.c:133 |
| 13 | 13 |
1 :
['m_str_to_uint'] |
15 | 21 | svr_getopts | call site: 00000 | /src/dropbear/src/svr-runopts.c:448 |
| 12 | 21 |
2 :
['ecc_free', 'm_free_direct'] |
12 | 21 | buf_get_ecc_raw_pubkey | call site: 00000 | /src/dropbear/src/ecc.c:201 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
fuzz_set_input
[function]
[call site]
00001
wrapfd_setup
[function]
[call site]
00002
wrapfd_remove
[function]
[call site]
00003
__assert_fail
[call site]
00004
__assert_fail
[call site]
00005
__assert_fail
[call site]
00006
close
[call site]
00007
wrapfd_setseed
[function]
[call site]
00008
nrand48
[call site]
00009
fuzz_seed
[function]
[call site]
00010
sha256_init
[function]
[call site]
00011
crypt_argchk
[function]
[call site]
00012
fprintf
[call site]
00013
abort
[call site]
00014
sha256_process
[function]
[call site]
00015
crypt_argchk
[function]
[call site]
00016
sha256_compress
[function]
[call site]
00017
sha256_process
[function]
[call site]
00018
sha256_done
[function]
[call site]
00019
crypt_argchk
[function]
[call site]
00020
crypt_argchk
[function]
[call site]
00021
sha256_compress
[function]
[call site]
00022
sha256_compress
[function]
[call site]
00023
m_malloc_set_epoch
[function]
[call site]
00024
_setjmp
[call site]
00025
buf_getint
[function]
[call site]
00026
buf_getptr
[function]
[call site]
00027
dropbear_exit
[function]
[call site]
00028
buf_incrpos
[function]
[call site]
00029
dropbear_exit
[function]
[call site]
00030
buf_getstringbuf
[function]
[call site]
00031
buf_getstringbuf_int
[function]
[call site]
00032
buf_getint
[function]
[call site]
00033
dropbear_exit
[function]
[call site]
00034
buf_new
[function]
[call site]
00035
dropbear_exit
[function]
[call site]
00036
m_malloc
[function]
[call site]
00037
dropbear_exit
[function]
[call site]
00038
calloc
[call site]
00039
dropbear_exit
[function]
[call site]
00040
put_alloc
[function]
[call site]
00041
__assert_fail
[call site]
00042
__assert_fail
[call site]
00043
buf_putint
[function]
[call site]
00044
buf_getwriteptr
[function]
[call site]
00045
dropbear_exit
[function]
[call site]
00046
buf_incrwritepos
[function]
[call site]
00047
dropbear_exit
[function]
[call site]
00048
buf_getwriteptr
[function]
[call site]
00049
buf_getptr
[function]
[call site]
00050
buf_incrpos
[function]
[call site]
00051
buf_incrlen
[function]
[call site]
00052
dropbear_exit
[function]
[call site]
00053
buf_setpos
[function]
[call site]
00054
dropbear_exit
[function]
[call site]
00055
buf_new
[function]
[call site]
00056
kexcurve25519_comb_key
[function]
[call site]
00057
kexcurve25519_derive
[function]
[call site]
00058
dropbear_exit
[function]
[call site]
00059
dropbear_curve25519_scalarmult
[function]
[call site]
00060
unpack25519
[function]
[call site]
00061
sel25519
[function]
[call site]
00062
sel25519
[function]
[call site]
00063
A
[function]
[call site]
00064
Z
[function]
[call site]
00065
A
[function]
[call site]
00066
Z
[function]
[call site]
00067
S
[function]
[call site]
00068
M
[function]
[call site]
00069
car25519
[function]
[call site]
00070
car25519
[function]
[call site]
00071
S
[function]
[call site]
00072
M
[function]
[call site]
00073
M
[function]
[call site]
00074
A
[function]
[call site]
00075
Z
[function]
[call site]
00076
S
[function]
[call site]
00077
Z
[function]
[call site]
00078
M
[function]
[call site]
00079
A
[function]
[call site]
00080
M
[function]
[call site]
00081
M
[function]
[call site]
00082
M
[function]
[call site]
00083
S
[function]
[call site]
00084
sel25519
[function]
[call site]
00085
sel25519
[function]
[call site]
00086
inv25519
[function]
[call site]
00087
S
[function]
[call site]
00088
M
[function]
[call site]
00089
M
[function]
[call site]
00090
pack25519
[function]
[call site]
00091
car25519
[function]
[call site]
00092
car25519
[function]
[call site]
00093
car25519
[function]
[call site]
00094
sel25519
[function]
[call site]
00095
constant_time_memcmp
[function]
[call site]
00096
dropbear_exit
[function]
[call site]
00097
m_mp_alloc_init_multi
[function]
[call site]
00098
m_malloc
[function]
[call site]
00099
mp_init
[function]
[call site]
00100
m_calloc
[function]
[call site]
00101
dropbear_exit
[function]
[call site]
00102
m_malloc
[function]
[call site]
00103
dropbear_exit
[function]
[call site]
00104
bytes_to_mp
[function]
[call site]
00105
mp_from_ubin
[function]
[call site]
00106
mp_grow
[function]
[call site]
00107
m_realloc_ltm
[function]
[call site]
00108
m_realloc
[function]
[call site]
00109
dropbear_exit
[function]
[call site]
00110
get_header
[function]
[call site]
00111
remove_alloc
[function]
[call site]
00112
realloc
[call site]
00113
dropbear_exit
[function]
[call site]
00114
put_alloc
[function]
[call site]
00115
mp_zero
[function]
[call site]
00116
mp_mul_2d
[function]
[call site]
00117
mp_copy
[function]
[call site]
00118
mp_grow
[function]
[call site]
00119
mp_grow
[function]
[call site]
00120
mp_lshd
[function]
[call site]
00121
mp_clamp
[function]
[call site]
00122
mp_clamp
[function]
[call site]
00123
dropbear_exit
[function]
[call site]
00124
m_burn
[function]
[call site]
00125
explicit_bzero
[call site]
00126
buf_put_pub_key
[function]
[call site]
00127
buf_new
[function]
[call site]
00128
buf_put_dss_pub_key
[function]
[call site]
00129
fail_assert
[function]
[call site]
00130
dropbear_exit
[function]
[call site]
00131
buf_putstring
[function]
[call site]
00132
buf_putint
[function]
[call site]
00133
buf_putbytes
[function]
[call site]
00134
buf_getwriteptr
[function]
[call site]
00135
buf_incrwritepos
[function]
[call site]
00136
buf_putmpint
[function]
[call site]
00137
fail_assert
[function]
[call site]
00138
dropbear_exit
[function]
[call site]
00139
mp_count_bits
[function]
[call site]
00140
buf_putint
[function]
[call site]
00141
buf_putbyte
[function]
[call site]
00142
buf_incrlen
[function]
[call site]
00143
buf_getwriteptr
[function]
[call site]
00144
mp_to_ubin
[function]
[call site]
00145
mp_ubin_size
[function]
[call site]
00146
mp_count_bits
[function]
[call site]
00147
mp_init_copy
[function]
[call site]
00148
mp_init_size
[function]
[call site]
00149
m_calloc
[function]
[call site]
00150
mp_copy
[function]
[call site]
00151
mp_clear
[function]
[call site]
00152
m_free_ltm
[function]
[call site]
00153
m_free_direct
[function]
[call site]
00154
get_header
[function]
[call site]
00155
remove_alloc
[function]
[call site]
00156
mp_div_2d
[function]
[call site]
00157
mp_zero
[function]
[call site]
00158
mp_copy
[function]
[call site]
00159
mp_mod_2d
[function]
[call site]
00160
mp_zero
[function]
[call site]
00161
mp_copy
[function]
[call site]
00162
mp_copy
[function]
[call site]
00163
mp_clamp
[function]
[call site]
00164
mp_rshd
[function]
[call site]
00165
mp_clamp
[function]
[call site]
00166
mp_clear
[function]
[call site]
00167
dropbear_exit
[function]
[call site]
00168
buf_incrwritepos
[function]
[call site]
00169
buf_putmpint
[function]
[call site]
00170
buf_putmpint
[function]
[call site]
00171
buf_putmpint
[function]
[call site]
00172
buf_put_rsa_pub_key
[function]
[call site]
00173
fail_assert
[function]
[call site]
00174
buf_putstring
[function]
[call site]
00175
buf_putmpint
[function]
[call site]
00176
buf_putmpint
[function]
[call site]
00177
signkey_is_ecdsa
[function]
[call site]
00178
signkey_key_ptr
[function]
[call site]
00179
buf_put_ecdsa_pub_key
[function]
[call site]
00180
curve_for_dp
[function]
[call site]
00181
__assert_fail
[call site]
00182
snprintf
[call site]
00183
strlen
[call site]
00184
buf_putstring
[function]
[call site]
00185
strlen
[call site]
00186
buf_putstring
[function]
[call site]
00187
buf_put_ecc_raw_pubkey_string
[function]
[call site]
00188
buf_putint
[function]
[call site]
00189
buf_getwriteptr
[function]
[call site]
00190
ecc_ansi_x963_export
[function]
[call site]
00191
crypt_argchk
[function]
[call site]
00192
crypt_argchk
[function]
[call site]
00193
ltc_ecc_is_valid_idx
[function]
[call site]
00194
crypt_argchk
[function]
[call site]
00195
zeromem
[function]
[call site]
00196
m_burn
[function]
[call site]
00197
zeromem
[function]
[call site]
00198
dropbear_exit
[function]
[call site]
00199
buf_incrwritepos
[function]
[call site]
00200
buf_put_ed25519_pub_key
[function]
[call site]
00201
fail_assert
[function]
[call site]
00202
buf_putstring
[function]
[call site]
00203
buf_putstring
[function]
[call site]
00204
dropbear_exit
[function]
[call site]
00205
buf_putbufstring
[function]
[call site]
00206
buf_putstring
[function]
[call site]
00207
buf_free
[function]
[call site]
00208
m_free_direct
[function]
[call site]
00209
buf_putstring
[function]
[call site]
00210
buf_putstring
[function]
[call site]
00211
buf_putmpint
[function]
[call site]
00212
finish_kexhashbuf
[function]
[call site]
00213
buf_setpos
[function]
[call site]
00214
buf_getptr
[function]
[call site]
00215
buf_new
[function]
[call site]
00216
buf_getwriteptr
[function]
[call site]
00217
buf_setlen
[function]
[call site]
00218
dropbear_exit
[function]
[call site]
00219
buf_burn_free
[function]
[call site]
00220
m_burn
[function]
[call site]
00221
m_free_direct
[function]
[call site]
00222
m_burn
[function]
[call site]
00223
buf_newcopy
[function]
[call site]
00224
buf_new
[function]
[call site]
00225
mp_clear
[function]
[call site]
00226
m_free_direct
[function]
[call site]
00227
buf_free
[function]
[call site]
00228
buf_free
[function]
[call site]
00229
buf_free
[function]
[call site]
00230
m_malloc_free_epoch
[function]
[call site]
00231
put_alloc
[function]
[call site]
00232
m_malloc_free_epoch
[function]
[call site]
00233