java stubs for fuzzer; top-level README and pocs stubs

README.md

+# SWEN90006 Assignment 2 2019
+
+Please see the assignment handout which contains all the essential
+information.
+
+Structure of this repository:
+
+* src/:        -  where the code for the C implementation of the passbook lives
+* src/pocs/:   -  where your PoCs live
+* fuzzer/:     -  where your fuzzer will live
+
+Pre-Included Scripts:
+
+* src/Makefile         - makefile for building the C implementation etc.
+* src/get_coverage.sh  - script to generate coverage reports
+
+Vulnerable Versions (you should put your security vulnerabilities in here):
+
+* src/passbook-vuln1.c -- src/passbook-vuln5.c
+
+Proofs of Concept (PoCs that you should provide for each vulnerability):
+
+* src/pocs/poc1.txt -- src/pocs/poc5.txt
+

fuzzer/Fuzzer.java

+import java.io.IOException;
+import java.io.FileOutputStream;
+import java.io.PrintWriter;
+
+
+/* a stub for your team's fuzzer */
+public class Fuzzer {
+
+    private static final String OUTPUT_FILE = "fuzz.txt";
+    
+    public static void main(String[] args) throws IOException {
+        System.out.println(Instruction.getBNF());
+        FileOutputStream out = null;
+        PrintWriter pw = null;
+        try {
+            out = new FileOutputStream(OUTPUT_FILE);
+            pw = new PrintWriter(out);
+            
+            /* We just print one instruction.
+               Hint: you might want to make use of the instruction
+               grammar which is effectively encoded in Instruction.java */
+            pw.println("list");
+            
+        }catch (Exception e){
+            e.printStackTrace(System.err);
+            System.exit(1);
+        }finally{
+            if (pw != null){
+                pw.flush();
+            }
+            if (out != null){
+                out.close();
+            }
+        }
+
+    }
+
+}

fuzzer/Instruction.java

+import java.util.Arrays;
+import java.util.ArrayList;
+
+public enum Instruction {
+    PUT("put",new OperandType[]{OperandType.STRING,OperandType.STRING,OperandType.STRING}),
+    GET("get",new OperandType[]{OperandType.STRING}),
+    REM("rem",new OperandType[]{OperandType.STRING}),
+    SAVE("save",new OperandType[]{OperandType.STRING,OperandType.STRING}),
+    LIST("list",new OperandType[]{}),
+    MASTERPW("masterpw",new OperandType[]{OperandType.STRING});
+
+    public static String getBNF(){
+        String grammar = "<INSTRUCTION> ::= \n";
+        Instruction[] INSTS = Instruction.values();
+        boolean firstInst = true;
+        for (Instruction inst : INSTS){
+            if (firstInst){
+                grammar += "      \"";
+                firstInst = false;
+            }else{
+                grammar += "    | \"";
+            }
+            grammar += inst.getOpcode() + "\"";
+            for (OperandType op : inst.getOperands()){
+                grammar += " <" + op.toString() + ">";
+            }
+            grammar += "\n";
+        }
+        return grammar;
+    }
+    
+    private final String opcode;
+    private final OperandType[] operands;
+
+    Instruction(String opcode, OperandType[] operands){
+        this.opcode = opcode;
+        this.operands = operands;
+    }
+
+    public String getOpcode(){
+        return opcode;
+    }
+    
+    public OperandType[] getOperands(){
+        return operands;
+    }
+
+    public String toString(){
+        String operandsString = "";
+        for (OperandType op : operands) {
+            operandsString += " " + op.toString();
+        }
+        return "\"" + opcode + "\"" + operandsString;
+    }
+    
+}

fuzzer/OperandType.java

+public enum OperandType {
+    STRING
+}