From: Eric Biggers <ebiggers@xxxxxxxxxx> Implementations of hash functions often have special cases when lengths are a multiple of the hash function's internal block size (e.g. 64 for SHA-256, 128 for SHA-512). Currently, when the fuzz testing code generates lengths, it doesn't prefer any length mod 64 over any other. This limits the coverage of these special cases. Therefore, this patch updates the fuzz testing code to generate power-of-2 lengths and divide messages exactly in half a bit more often. Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> --- crypto/testmgr.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 3dddd288ca02c..2200d70e2aa9d 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -899,16 +899,18 @@ static inline u32 prandom_u32_inclusive(struct rnd_state *rng, static unsigned int generate_random_length(struct rnd_state *rng, unsigned int max_len) { unsigned int len = prandom_u32_below(rng, max_len + 1); - switch (prandom_u32_below(rng, 4)) { + switch (prandom_u32_below(rng, 5)) { case 0: return len % 64; case 1: return len % 256; case 2: + return min(1U << (len % 10), max_len); + case 3: return len % 1024; default: return len; } } @@ -1004,10 +1006,12 @@ static char *generate_random_sgl_divisions(struct rnd_state *rng, unsigned int this_len; const char *flushtype_str; if (div == &divs[max_divs - 1] || prandom_bool(rng)) this_len = remaining; + else if (prandom_u32_below(rng, 4) == 0) + this_len = (remaining + 1) / 2; else this_len = prandom_u32_inclusive(rng, 1, remaining); div->proportion_of_total = this_len; if (prandom_u32_below(rng, 4) == 0) -- 2.44.0