fuzz: use fuzzing confyaml for protodetect target

As is done for other targets,
so that all app-layer protocols are enabled,
even the ones disabled by default such as enip

And resets protocol detection every time we try
so that probing_parser_toserver_alproto_masks are fresh.
pull/6809/head
Philippe Antoine 4 years ago committed by Victor Julien
parent cda11b8d97
commit 09c84d0c26

@ -10,13 +10,15 @@
#include "flow-util.h" #include "flow-util.h"
#include "app-layer-parser.h" #include "app-layer-parser.h"
#include "util-unittest-helper.h" #include "util-unittest-helper.h"
#include "conf-yaml-loader.h"
#define HEADER_LEN 6 #define HEADER_LEN 6
//rule of thumb constant, so as not to timeout target //rule of thumb constant, so as not to timeout target
#define PROTO_DETECT_MAX_LEN 1024 #define PROTO_DETECT_MAX_LEN 1024
#include "confyaml.c"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
AppLayerProtoDetectThreadCtx *alpd_tctx = NULL; AppLayerProtoDetectThreadCtx *alpd_tctx = NULL;
@ -37,6 +39,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
//global init //global init
InitGlobal(); InitGlobal();
run_mode = RUNMODE_UNITTEST; run_mode = RUNMODE_UNITTEST;
if (ConfYamlLoadString(configNoChecksum, strlen(configNoChecksum)) != 0) {
abort();
}
MpmTableSetup(); MpmTableSetup();
SpmTableSetup(); SpmTableSetup();
AppLayerProtoDetectSetup(); AppLayerProtoDetectSetup();
@ -60,14 +65,15 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
} }
alproto = AppLayerProtoDetectGetProto( alproto = AppLayerProtoDetectGetProto(
alpd_tctx, f, data + HEADER_LEN, size - HEADER_LEN, f->proto, flags, &reverse); alpd_tctx, f, data + HEADER_LEN, size - HEADER_LEN, f->proto, flags, &reverse);
if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED && f->proto == IPPROTO_TCP && if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED && f->proto == IPPROTO_TCP) {
(data[0] & STREAM_MIDSTREAM) == 0) {
/* If we find a valid protocol at the start of a stream : /* If we find a valid protocol at the start of a stream :
* check that with smaller input * check that with smaller input
* we find the same protocol or ALPROTO_UNKNOWN. * we find the same protocol or ALPROTO_UNKNOWN.
* Otherwise, we have evasion with TCP splitting * Otherwise, we have evasion with TCP splitting
*/ */
for (size_t i = 0; i < size-HEADER_LEN && i < PROTO_DETECT_MAX_LEN; i++) { for (size_t i = 0; i < size-HEADER_LEN && i < PROTO_DETECT_MAX_LEN; i++) {
// reset detection at each try cf probing_parser_toserver_alproto_masks
AppLayerProtoDetectReset(f);
alproto2 = AppLayerProtoDetectGetProto( alproto2 = AppLayerProtoDetectGetProto(
alpd_tctx, f, data + HEADER_LEN, i, f->proto, flags, &reverse); alpd_tctx, f, data + HEADER_LEN, i, f->proto, flags, &reverse);
if (alproto2 != ALPROTO_UNKNOWN && alproto2 != alproto) { if (alproto2 != ALPROTO_UNKNOWN && alproto2 != alproto) {
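Review bot: The block comment above the prefix loop still says "at the start of a stream", but the new condition drops `(data[0] & STREAM_MIDSTREAM) == 0`, so the TCP-splitting consistency check now also runs for inputs with STREAM_MIDSTREAM set in `data[0]`. The commit message does not explain this widening, so I would reword the comment to something like `/* For any TCP input with a detected protocol, midstream included: every shorter prefix must yield the same protocol or ALPROTO_UNKNOWN, otherwise TCP splitting evades detection */`. Separately, the loop passes the same `&reverse` on every iteration without re-initialising it. If AppLayerProtoDetectGetProto only ever sets that flag (its body is not visible here), a value from the full-length call carries into the prefix calls, and clearing it next to `AppLayerProtoDetectReset(f);` would keep each try independent. The body of LLVMFuzzerTestOneInput starts and ends outside this hunk.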
