aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

afl: fix ENIP, switch DNS to UDP and add --afl-dnstcp*

Browse Source
pull/2549/head
Victor Julien 9 years ago
parent c89ce17017
commit 4683b0e662
8 changed files with 56 additions and 31 deletions
Show Stats Download Patch File Download Diff File

3
src/app-layer-detect-proto.c
Unescape Escape View File

@ -1624,6 +1624,9 @@ int AppLayerProtoDetectConfProtoDetectionEnabled(const char *ipproto,
ConfNode *node;
int r;
#ifdef AFLFUZZ_APPLAYER
goto enabled;
#endif
if (RunmodeIsUnittests())
goto enabled;

2
src/app-layer-dnp3.c
Unescape Escape View File

@ -1598,7 +1598,9 @@ void RegisterDNP3Parsers(void)
if (!AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
proto_name, ALPROTO_DNP3, 0, sizeof(DNP3LinkHeader),
DNP3ProbingParser, NULL)) {
#ifndef AFLFUZZ_APPLAYER
return;
#endif
}
}

2
src/app-layer-dns-udp.c
Unescape Escape View File

@ -404,9 +404,11 @@ void RegisterDNSUDPParsers(void)
DNSUdpProbingParser, NULL);
/* if we have no config, we enable the default port 53 */
if (!have_cfg) {
#ifndef AFLFUZZ_APPLAYER
SCLogWarning(SC_ERR_DNS_CONFIG, "no DNS UDP config found, "
"enabling DNS detection on "
"port 53.");
#endif
AppLayerProtoDetectPPRegister(IPPROTO_UDP, "53",
ALPROTO_DNS, 0, sizeof(DNSHeader),
STREAM_TOSERVER, DNSUdpProbingParser, NULL);

2
src/app-layer-enip.c
Unescape Escape View File

@ -482,7 +482,9 @@ void RegisterENIPTCPParsers(void)
proto_name, ALPROTO_ENIP, 0, sizeof(ENIPEncapHdr),
ENIPProbingParser, ENIPProbingParser))
{
#ifndef AFLFUZZ_APPLAYER
return;
#endif
}
}

4
src/app-layer-modbus.c
Unescape Escape View File

@ -1497,11 +1497,7 @@ void RegisterModbusParsers(void)
return;
#endif
}
#ifndef AFLFUZZ_APPLAYER
if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
#else
if (1) {
#endif
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_MODBUS, STREAM_TOSERVER, ModbusParseRequest);
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_MODBUS, STREAM_TOCLIENT, ModbusParseResponse);
AppLayerParserRegisterStateFuncs(IPPROTO_TCP, ALPROTO_MODBUS, ModbusStateAlloc, ModbusStateFree);

17
src/app-layer-parser.c
Unescape Escape View File

@ -265,6 +265,10 @@ void AppLayerParserThreadCtxFree(AppLayerParserThreadCtx *tctx)
SCReturn;
}
/** \brief check if a parser is enabled in the config
* Returns enabled always if: were running unittests and
* when compiled with --enable-afl
*/
int AppLayerParserConfParserEnabled(const char *ipproto,
const char *alproto_name)
{
@ -275,6 +279,9 @@ int AppLayerParserConfParserEnabled(const char *ipproto,
ConfNode *node;
int r;
#ifdef AFLFUZZ_APPLAYER
goto enabled;
#endif
if (RunmodeIsUnittests())
goto enabled;
@ -1307,7 +1314,7 @@ void AppLayerParserStatePrintDetails(AppLayerParserState *pstate)
#endif
#ifdef AFLFUZZ_APPLAYER
int AppLayerParserRequestFromFile(AppProto alproto, char *filename)
int AppLayerParserRequestFromFile(uint8_t ipproto, AppProto alproto, char *filename)
{
int result = 1;
Flow *f = NULL;
@ -1327,7 +1334,8 @@ int AppLayerParserRequestFromFile(AppProto alproto, char *filename)
f->sp = 10000;
f->dp = 80;
f->protoctx = &ssn;
f->proto = IPPROTO_TCP;
f->proto = ipproto;
f->protomap = FlowGetProtoMapping(f->proto);
f->alproto = alproto;
uint8_t buffer[64];
@ -1383,7 +1391,7 @@ end:
return result;
}
int AppLayerParserFromFile(AppProto alproto, char *filename)
int AppLayerParserFromFile(uint8_t ipproto, AppProto alproto, char *filename)
{
int result = 1;
Flow *f = NULL;
@ -1403,7 +1411,8 @@ int AppLayerParserFromFile(AppProto alproto, char *filename)
f->sp = 10000;
f->dp = 80;
f->protoctx = &ssn;
f->proto = IPPROTO_TCP;
f->proto = ipproto;
f->protomap = FlowGetProtoMapping(f->proto);
f->alproto = alproto;
uint8_t buffer[64];

4
src/app-layer-parser.h
Unescape Escape View File

@ -237,8 +237,8 @@ void AppLayerParserStatePrintDetails(AppLayerParserState *pstate);
#endif
#ifdef AFLFUZZ_APPLAYER
int AppLayerParserRequestFromFile(AppProto alproto, char *filename);
int AppLayerParserFromFile(AppProto alproto, char *filename);
int AppLayerParserRequestFromFile(uint8_t ipproto, AppProto alproto, char *filename);
int AppLayerParserFromFile(uint8_t ipproto, AppProto alproto, char *filename);
#endif
/***** Unittests *****/

53
src/suricata.c
Unescape Escape View File

@ -116,6 +116,7 @@
#include "app-layer-htp.h"
#include "app-layer-ssl.h"
#include "app-layer-dns-tcp.h"
#include "app-layer-dns-udp.h"
#include "app-layer-ssh.h"
#include "app-layer-ftp.h"
#include "app-layer-smtp.h"
@ -1415,7 +1416,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterHTPParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_HTTP, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_HTTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-http") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1423,7 +1424,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterHTPParsers();
exit(AppLayerParserFromFile(ALPROTO_HTTP, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_HTTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-tls-request") == 0) {
//printf("arg: //%s\n", optarg);
@ -1432,7 +1433,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSSLParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_TLS, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_TLS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-tls") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1440,17 +1441,27 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSSLParsers();
exit(AppLayerParserFromFile(ALPROTO_TLS, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_TLS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dns-request") == 0) {
//printf("arg: //%s\n", optarg);
RegisterDNSTCPParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_DNS, optarg));
RegisterDNSUDPParsers();
exit(AppLayerParserRequestFromFile(IPPROTO_UDP, ALPROTO_DNS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dns") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterDNSUDPParsers();
exit(AppLayerParserFromFile(IPPROTO_UDP, ALPROTO_DNS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dnstcp-request") == 0) {
//printf("arg: //%s\n", optarg);
RegisterDNSTCPParsers();
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_DNS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dnstcp") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterDNSTCPParsers();
exit(AppLayerParserFromFile(ALPROTO_DNS, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_DNS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-ssh-request") == 0) {
//printf("arg: //%s\n", optarg);
@ -1458,7 +1469,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
SpmTableSetup();
AppLayerProtoDetectSetup();
RegisterSSHParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_SSH, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_SSH, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-ssh") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1466,7 +1477,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSSHParsers();
exit(AppLayerParserFromFile(ALPROTO_SSH, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_SSH, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-ftp-request") == 0) {
//printf("arg: //%s\n", optarg);
@ -1475,7 +1486,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterFTPParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_FTP, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_FTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-ftp") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1483,7 +1494,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterFTPParsers();
exit(AppLayerParserFromFile(ALPROTO_FTP, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_FTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-smtp-request") == 0) {
//printf("arg: //%s\n", optarg);
@ -1492,7 +1503,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSMTPParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_SMTP, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_SMTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-smtp") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1500,7 +1511,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSMTPParsers();
exit(AppLayerParserFromFile(ALPROTO_SMTP, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_SMTP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-smb-request") == 0) {
//printf("arg: //%s\n", optarg);
@ -1508,7 +1519,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
SpmTableSetup();
AppLayerProtoDetectSetup();
RegisterSMBParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_SMB, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_SMB, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-smb") == 0) {
//printf("arg: //%s\n", optarg);
MpmTableSetup();
@ -1516,36 +1527,36 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
AppLayerProtoDetectSetup();
AppLayerParserSetup();
RegisterSMBParsers();
exit(AppLayerParserFromFile(ALPROTO_SMB, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_SMB, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-modbus-request") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterModbusParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_MODBUS, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_MODBUS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-modbus") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterModbusParsers();
exit(AppLayerParserFromFile(ALPROTO_MODBUS, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_MODBUS, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-enip-request") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterENIPTCPParsers();
exit(AppLayerParserRequestFromFile(ALPROTO_ENIP, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_ENIP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-enip") == 0) {
//printf("arg: //%s\n", optarg);
AppLayerParserSetup();
RegisterENIPTCPParsers();
exit(AppLayerParserFromFile(ALPROTO_ENIP, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_ENIP, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dnp3-request") == 0) {
AppLayerParserSetup();
RegisterDNP3Parsers();
exit(AppLayerParserRequestFromFile(ALPROTO_DNP3, optarg));
exit(AppLayerParserRequestFromFile(IPPROTO_TCP, ALPROTO_DNP3, optarg));
} else if(strcmp((long_opts[option_index]).name, "afl-dnp3") == 0) {
AppLayerParserSetup();
RegisterDNP3Parsers();
exit(AppLayerParserFromFile(ALPROTO_DNP3, optarg));
exit(AppLayerParserFromFile(IPPROTO_TCP, ALPROTO_DNP3, optarg));
#endif
#ifdef AFLFUZZ_MIME
} else if(strcmp((long_opts[option_index]).name, "afl-mime") == 0) {

Write Preview
Loading…
Cancel
Save