Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fuzz test fixes related to pre_key_id and archived sessions count #521

Closed
wants to merge 3 commits into from
Closed

Fuzz test fixes related to pre_key_id and archived sessions count #521

wants to merge 3 commits into from

Conversation

moodyjon
Copy link
Contributor

@moodyjon moodyjon commented May 8, 2023

Fixes #514

Adopts idea from #514 about limiting the sum me.archive_count + them.archive_count < 40. Seems reasonable that any session archive by A would require B to archive a session state if those new messages are received.

I also observed some failures where either pre_key_id == 0 or duplicate pre_key_id would confuse the message decryption.

The consumption of random numbers in process_pre_key is kept in case there are pre-existing corpora that rely on that behavior. Could probably be eliminated...

@jrose-signal
Copy link
Contributor

(Sorry I/we haven't gotten around to looking at this, a bunch of other stuff going on.)

@moodyjon moodyjon mentioned this pull request Jun 13, 2023
Open
@moodyjon
Copy link
Contributor Author

Moving to draft status as a new failing fuzz input was found. #514 (comment)

@moodyjon moodyjon marked this pull request as draft June 13, 2023 15:47
@moodyjon moodyjon marked this pull request as ready for review June 16, 2023 18:45
@stale Stale
Copy link

stale bot commented Dec 1, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Dec 1, 2023
@jrose-signal
Copy link
Contributor

Okay! This looks good, can you sign the CLA so we can accept your code? (And I think it's okay to discard existing test cases, if they were important we'd save them as seeds in the repo itself.)

(It's been months so I also understand if you've moved on completely, in which case I'll close this and fix the issues independently.)

@moodyjon
Copy link
Contributor Author

moodyjon commented Dec 9, 2023

OK, I removed extraneous random number generation gen_range() which is not used anymore to generate prekey IDs.

CLA Signed.

@jrose-signal jrose-signal added awaiting release Will be in the next release of libsignal and removed acknowledged labels Dec 11, 2023
@jrose-signal
Copy link
Contributor

Included in v0.37.0, thank you! And sorry again for the long delay.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
awaiting release Will be in the next release of libsignal
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Rust][Fuzzing] ERROR libsignal_protocol::session_cipher No valid session for recipient
2 participants
@moodyjon @jrose-signal