Don't abort on invalid message in fuzzing build

Bug: 272805221 Change-Id: I3762b6db817ec649d31e42dff399c54d96e28cca
author: David Drysdale <drysdale@google.com> 2023-05-25 07:33:10 +0100
committer: David Drysdale <drysdale@google.com> 2023-06-02 13:26:45 +0000
commit: 74b3933bb7ff7f4b746be12648fcae68229e1e8a (patch)
tree: 798fb07c6f9b16fb1f6de12cd6a8ed08708da0df
parent: da4c531d6b34671311bbcc6c516d53bb485e0bf2 (diff)
download: keymaster-74b3933bb7ff7f4b746be12648fcae68229e1e8a.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/trusty_keymaster.cpp b/trusty_keymaster.cpp
index 1c87ed6..673eed4 100644
--- a/trusty_keymaster.cpp
+++ b/trusty_keymaster.cpp
@@ -43,9 +43,22 @@ GetVersion2Response TrustyKeymaster::GetVersion2(
         break;
 
     default:
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+        // In a fuzzing build, if the fuzzer sends invalid messages we should
+        // log an error and continue, to allow the fuzzer to explore more of the
+        // code.
+        LOG_E("HAL sent invalid message version %d, struggling on as fuzzing build",
+              req.max_message_version);
+        context_->SetKmVersion((req.max_message_version & 0x01)
+                                       ? KmVersion::KEYMINT_3
+                                       : KmVersion::KEYMASTER_4);
+#else
+        // By default, if the HAL service is sending invalid messages then the
+        // safest thing to do is to terminate.
         LOG_E("HAL sent invalid message version %d, crashing",
               req.max_message_version);
         abort();
+#endif
     }
 
     return AndroidKeymaster::GetVersion2(req);
author	David Drysdale <drysdale@google.com>	2023-05-25 07:33:10 +0100
committer	David Drysdale <drysdale@google.com>	2023-06-02 13:26:45 +0000
commit	74b3933bb7ff7f4b746be12648fcae68229e1e8a (patch)
tree	798fb07c6f9b16fb1f6de12cd6a8ed08708da0df
parent	da4c531d6b34671311bbcc6c516d53bb485e0bf2 (diff)
download	keymaster-74b3933bb7ff7f4b746be12648fcae68229e1e8a.tar.gz