diff --git a/tools/fuzz-harness/compile.sh b/tools/fuzz-harness/compile.sh index bde757ca5..3901691ff 100755 --- a/tools/fuzz-harness/compile.sh +++ b/tools/fuzz-harness/compile.sh @@ -1,4 +1,5 @@ -#!/bin/bash -eu +#!/bin/bash +set -eu if [[ ! -d "/AFLplusplus" ]] ; then echo "This script shall be run inside the AFL++ container" diff --git a/tools/fuzz-harness/docker.sh b/tools/fuzz-harness/docker.sh index c65e34a41..af6066612 100755 --- a/tools/fuzz-harness/docker.sh +++ b/tools/fuzz-harness/docker.sh @@ -1,4 +1,5 @@ -#!/bin/bash -eu +#!/bin/bash +set -eu HARNESS_DIR=$(realpath $(dirname $0)) SOURCE_DIR=$HARNESS_DIR/../.. @@ -12,4 +13,4 @@ docker run --rm -it \ -v$HARNESS_DIR/input:/input:ro \ -v$HARNESS_DIR/output:/output \ -e HOST_USER_ID=$(id -u) -e HOST_GROUP_ID=$(id -g) \ - $IMAGE \ No newline at end of file + $IMAGE diff --git a/tools/fuzz-harness/fuzz.sh b/tools/fuzz-harness/fuzz.sh index 7fc72e95a..b57143d0a 100755 --- a/tools/fuzz-harness/fuzz.sh +++ b/tools/fuzz-harness/fuzz.sh @@ -1,4 +1,5 @@ -#!/bin/bash -eu +#!/bin/bash +set -eu : ${FUZZ_INPUT:="$HOME/input"} : ${FUZZ_OUTPUT:="$HOME/output"} : ${FUZZ_BUILD:="$HOME/build"} diff --git a/vanetza/security/straight_verify_service.cpp b/vanetza/security/straight_verify_service.cpp index 058f73a17..c747c25e9 100644 --- a/vanetza/security/straight_verify_service.cpp +++ b/vanetza/security/straight_verify_service.cpp @@ -469,8 +469,8 @@ VerifyConfirm StraightVerifyService::verify(const v3::SecuredMessage& msg) } const v3::asn1::Certificate* certificate = boost::apply_visitor(certificate_lookup_visitor, signer_identifier); - if (!certificate && maybe_digest) { - if (msg.its_aid() == aid::CA && m_context_v3.m_sign_policy) { + if (!certificate) { + if (msg.its_aid() == aid::CA && m_context_v3.m_sign_policy && maybe_digest) { // for received CAMs (having digest as signer identifier) with unknown AT we request the full AT certificate m_context_v3.m_sign_policy->request_unrecognized_certificate(*maybe_digest); } @@ -478,8 +478,11 @@ VerifyConfirm StraightVerifyService::verify(const v3::SecuredMessage& msg) return confirm; } + // code below can safely dereference certificate + assert(certificate != nullptr); + // check AT certificate's validity - if (certificate && m_context_v3.m_cert_validator) { + if (m_context_v3.m_cert_validator) { auto verdict = m_context_v3.m_cert_validator->valid_for_signing(v3::CertificateView { certificate }, msg.its_aid()); if (verdict != v3::CertificateValidator::Verdict::Valid) { confirm.report = VerificationReport::Invalid_Certificate; @@ -538,7 +541,7 @@ VerifyConfirm StraightVerifyService::verify(const v3::SecuredMessage& msg) } // update certificate cache with received certificate - if (certificate && v3::contains_certificate(signer_identifier)) { + if (v3::contains_certificate(signer_identifier)) { cache.store(v3::Certificate { *certificate }); } } diff --git a/vanetza/security/v3/secured_message.cpp b/vanetza/security/v3/secured_message.cpp index 7672f5d13..823a1ddc6 100644 --- a/vanetza/security/v3/secured_message.cpp +++ b/vanetza/security/v3/secured_message.cpp @@ -377,6 +377,9 @@ PacketVariant SecuredMessage::payload() const case Vanetza_Security_Ieee1609Dot2Content_PR_signedData: buffer = get_payload(m_struct->content->choice.signedData); break; + default: + // empty buffer as fallback + break; } return CohesivePacket { std::move(buffer), OsiLayer::Network }; @@ -391,6 +394,9 @@ void SecuredMessage::set_payload(const ByteBuffer& payload) case Vanetza_Security_Ieee1609Dot2Content_PR_signedData: vanetza::security::v3::set_payload(&m_struct->content->choice.signedData->tbsData->payload->data->content->choice.unsecuredData, payload); break; + default: + // cannot copy payload into secured message + break; } }