@ -10,13 +10,15 @@
# include "flow-util.h"
# include "app-layer-parser.h"
# include "util-unittest-helper.h"
# include "conf-yaml-loader.h"
# define HEADER_LEN 6
//rule of thumb constant, so as not to timeout target
# define PROTO_DETECT_MAX_LEN 1024
# include "confyaml.c"
int LLVMFuzzerTestOneInput ( const uint8_t * data , size_t size ) ;
AppLayerProtoDetectThreadCtx * alpd_tctx = NULL ;
@ -37,6 +39,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
//global init
InitGlobal ( ) ;
run_mode = RUNMODE_UNITTEST ;
if ( ConfYamlLoadString ( configNoChecksum , strlen ( configNoChecksum ) ) ! = 0 ) {
abort ( ) ;
}
MpmTableSetup ( ) ;
SpmTableSetup ( ) ;
AppLayerProtoDetectSetup ( ) ;
@ -60,14 +65,15 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
}
alproto = AppLayerProtoDetectGetProto (
alpd_tctx , f , data + HEADER_LEN , size - HEADER_LEN , f - > proto , flags , & reverse ) ;
if ( alproto ! = ALPROTO_UNKNOWN & & alproto ! = ALPROTO_FAILED & & f - > proto = = IPPROTO_TCP & &
( data [ 0 ] & STREAM_MIDSTREAM ) = = 0 ) {
if ( alproto ! = ALPROTO_UNKNOWN & & alproto ! = ALPROTO_FAILED & & f - > proto = = IPPROTO_TCP ) {
/* If we find a valid protocol at the start of a stream :
* check that with smaller input
* we find the same protocol or ALPROTO_UNKNOWN .
* Otherwise , we have evasion with TCP splitting
*/
for ( size_t i = 0 ; i < size - HEADER_LEN & & i < PROTO_DETECT_MAX_LEN ; i + + ) {
// reset detection at each try cf probing_parser_toserver_alproto_masks
AppLayerProtoDetectReset ( f ) ;
alproto2 = AppLayerProtoDetectGetProto (
alpd_tctx , f , data + HEADER_LEN , i , f - > proto , flags , & reverse ) ;
if ( alproto2 ! = ALPROTO_UNKNOWN & & alproto2 ! = alproto ) {
Philippe Antoine
4 years ago
committed by
Victor Julien