Fuzzing

Since version 5.5.3, parts of the strongSwan code base have been fuzzed on Google’s OSS-Fuzz infrastructure.

The following fuzz targets are currently in use:

fuzz-certs[1]

Fuzzes the X.509 certificate parsing framework as provided by the loaded plugins and the ASN.1 parser of the libstrongswan library.

fuzz-crls[1]

Fuzzes the CRL parsing framework provided by the loaded plugins and the ASN.1 parser of the libstrongswan library.

fuzz-ids

Fuzzes the identity parser of the libstrongswan library.

fuzz-ike

Fuzzes the IKE message parser of the libcharon library (plaintext only).

fuzz-ocsp-req[1]

Fuzzes the OCSP request parsing framework provided by the loaded plugins and the ASN.1 parser of the libstrongswan library.

fuzz-ocsp-rsp[1]

Fuzzes the OCSP response parsing framework provided by the loaded plugins and the ASN.1 parser of the libstrongswan library.

fuzz-pa-tnc

Fuzzes the PA-TNC message parser (libimcv).

fuzz-pb-tnc

Fuzzes the PB-TNC batch parser (libtnccs).

The seed corpora used by the fuzz targets are provided in a separate repository.


1. This fuzzer is built twice, once with default crypto plugins, once with the old custom crypto plugins.