diff --git a/.classpath b/.classpath
new file mode 100644
index 0000000000000000000000000000000000000000..3619eebd8f32ce5db84985ce4f1bbba1a062cfe5
--- /dev/null
+++ b/.classpath
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+ <classpathentry kind="src" path="fuzzer"/>
+ <classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/.gitignore b/.gitignore
index da4e5096bd577df638bf72903f197dcf88b4e5e2..28be01149450e46d14429d08b01b2d8bcc7ed80c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 *~
 \#*
+/bin/
diff --git a/.project b/.project
new file mode 100644
index 0000000000000000000000000000000000000000..0a1317d4d593bfcf8b41808291ee5b84bb378cb3
--- /dev/null
+++ b/.project
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>swen90006-a2-2018</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
diff --git a/fuzzer/Fuzzer.java b/fuzzer/Fuzzer.java
index 85ffea567160a985f7b4301d5f92af4f8c4c58a1..eeec1375e2bc9a1a2d7c863b62f9a23bffeb500f 100644
--- a/fuzzer/Fuzzer.java
+++ b/fuzzer/Fuzzer.java
@@ -1,58 +1,26 @@
 import java.io.IOException;
 import java.io.FileOutputStream;
 import java.io.PrintWriter;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Random;
 /* a stub for your team's fuzzer */
 public class Fuzzer {
 private static final String OUTPUT_FILE = "fuzz.s";
-
+ private static final List<String> validOpcodes = new ArrayList<String>(Arrays.asList("ADD","SUB","MUL","DIV","RET","LDR","STR","MOV","JMP","JZ"));
+ private static final int maxRegistry = 32;
+ private static final int maxMemory = 65536;
 public static void main(String[] args) throws IOException {
 FileOutputStream out = null;
 PrintWriter pw = null;
 try {
 out = new FileOutputStream(OUTPUT_FILE);
 pw = new PrintWriter(out);
-
- /*
-
- */
- /* We just print one instruction.
- Hint: you might want to make use of the instruction
- grammar which is effectively encoded in Instruction.java */
- /*pw.println("MOV R1 1");
- pw.println("MOV R2 10");
-
- for(int x=0;x<300;x++){
- pw.println("ADD R1 R1 R2");
- }*/
- /*pw.println("MOV R1 65535");
- pw.println("LDR R0 R1 0");*/
-
- pw.println("RET R-1");
-
-
- /*pw.print("RET R0");
- for(int x=0;x<2000;x++){
- pw.print("a");
- }*/
-
-
- /*pw.println("ADD R0 R1 R2");
- pw.println("ADD R3 R4 R5");
- pw.println("ADD R6 R7 R8");
- pw.println("ADD R9 R10 R11");
- pw.println("ADD R12 R13 R14");
- pw.println("ADD R15 R16 R17");
- pw.println("ADD R18 R19 R20");
- pw.println("ADD R21 R0 R3");
- pw.println("ADD R22 R6 R9");
- pw.println("ADD R23 R12 R15");
- pw.println("ADD R24 R18 R21");
- pw.println("ADD R25 R22 R23");
- pw.println("ADD R26 R24 R25");
- pw.println("RET R26");*/
+ Random rg = new Random();
 }catch (Exception e){
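Review bot: After this hunk main() writes an empty fuzz.s: the only remaining output call, `pw.println("RET R-1")`, is deleted and the new `Random rg` is created but never used, so no instruction reaches the PrintWriter. `generateValidString` (added further down in this commit) is an instance method, so the static main needs an instance to drive it, e.g. `Fuzzer f = new Fuzzer(); for (int i = 0; i < n; i++) pw.println(f.generateValidString(rg, n, i));` for some program length `n`. For a fuzzer the seed should also be explicit and logged, `long seed = Long.getLong("fuzz.seed", System.nanoTime()); Random rg = new Random(seed); System.err.println("seed=" + seed);`, so an input that crashes the target can be regenerated; `java.util.Random` is the right choice here since reproducibility, not unpredictability, is what matters. main's catch and finally blocks continue past the end of this hunk.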
@@ -68,5 +36,135 @@ public class Fuzzer {
 }
 }
+ public String generateMemoryOverflow() {
+ return null;
+ }
+ public String generateMemoryUnderflow() {
+ return null;
+ }
+ public String generateRegOverflow() {
+ return null;
+ }
+ public String generateRegUnderflow() {
+ return null;
+ }
+ public String generateLineOverFlow() {
+ return null;
+ }
+ public String generateInstructionOverflow() {
+ return null;
+ }
+ public String generateDivideByZero(){
+ return null;
+ }
+ public String generateDirtyRegistyRead() {
+ return null;
+ }
+ public String generateDirtyMemoryRead() {
+ return null;
+ }
+
+ public String jmpOverflow() {
+ return null;
+ }
+ public String jmpUnderflow() {
+ return null;
+ }
+ public String jzOverflow() {
+ return null;
+ }
+ public String jzUnderflow() {
+ return null;
+ }
+ public String intOverflow() {
+ return null;
+ }
+ public String intUnderflow() {
+ return null;
+ }
+ public String generateInvalidString() {
+ return null;
+ }
+ public String generateInstructionComment() {
+ return null;
+ }
+ public String generateValidString(Random rg,int programLength,int lineNumber){
+ int index = rg.nextInt(validOpcodes.size());
+ String opcode = validOpcodes.get(index);
+ int numregs = 0;
+ Integer offset = null;
+ String line = new String();
+ switch(opcode){
+ case("ADD"):
+ numregs = 3;
+ break;
+ case("SUB"):
+ numregs = 3;
+ break;
+ case("MUL"):
+ numregs = 3;
+ break;
+ case("DIV"):
+ numregs = 3;
+ break;
+ case("RET"):
+ numregs = 1;
+ break;
+ case("LDR"):
+ numregs = 2;
+ offset = (rg.nextInt(2*maxMemory))-maxMemory;
+ break;
+ case("STR"):
+ //special case - form <REGISTER VALUE REGISTER>
+ offset = (rg.nextInt(2*maxMemory))-maxMemory;
+ line.concat(opcode);
+ line.concat(" R"+rg.nextInt(maxRegistry));
+ line.concat(" "+offset);
+ line.concat(" R"+rg.nextInt(maxRegistry));
+ return line;
+ case("MOV"):
+ numregs = 1;
+ offset = rg.nextInt();
+ Boolean positive = rg.nextBoolean();
+ if(!positive) {
+ offset = -offset;
+ }
+ break;
+ case("JMP"):
+ //special case - avoid looping infinitly
+ numregs = 0;
+ offset = (rg.nextInt(programLength));
+ offset = offset - lineNumber;
+ if(offset<0) {
+ offset = offset-1;
+ line.concat("JMP 2%n");
+ } else if(offset == 0) {
+ offset = offset+1;
+ }
+
+ break;
+ case("JZ"):
+ //special case - avoid looping infinitly
+ numregs = 1;
+ offset = (rg.nextInt(programLength));
+ offset = offset - lineNumber;
+ if(offset<0) {
+ offset = offset-1;
+ line.concat("JMP 2%n");
+ } else if(offset == 0) {
+ offset = offset+1;
+ }
+ break;
+ }
+ line.concat(opcode);
+ int x;
+ for(x=0;x<numregs;x++){
+ line.concat(" R"+rg.nextInt(maxRegistry));
+ }
+ if(offset!=null){
+ line.concat(" "+offset);
+ }
+ return line;
+ }
 }
diff --git a/src/pocs/poc1.s b/src/pocs/poc1.s
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..78bbe65f5fd3b229dda97f7f65250107bebc5fd6 100644
--- a/src/pocs/poc1.s
+++ b/src/pocs/poc1.s
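Review bot: `generateValidString` returns an empty string on every path, because `String.concat` returns a new String and the result of each `line.concat(...)` call is discarded — in the STR branch, in the `"JMP 2%n"` appends, and in the final opcode/register loop — so the fuzzer would emit only blank lines. Replace `line` with a `StringBuilder`, `append` to it and return `line.toString()`; the rewritten STR case and tail are below, and the two `line.concat("JMP 2%n")` calls become `line.append(...)` in the same way. In the JMP/JZ branches `"JMP 2%n"` is not passed through a format method, so `%n` would be written literally rather than as a newline, and the jump is glued onto the real instruction with no separator; I can't tell from the hunk what the target's JMP offset semantics are, so a `// TODO confirm JMP offset is relative to the current line and fix the %n literal` is warranted there. The seventeen `return null` stubs will print the literal text `null` if passed to `println`; until implemented they should `throw new UnsupportedOperationException("not implemented")` or return `""`.
```java
// … unchanged: opcode selection, numregs/offset locals …
StringBuilder line = new StringBuilder();
switch (opcode) {
    // … unchanged: ADD/SUB/MUL/DIV/RET/LDR/MOV cases …
    case "STR":
        // special case - form <REGISTER VALUE REGISTER>
        offset = rg.nextInt(2 * maxMemory) - maxMemory;
        line.append(opcode)
            .append(" R").append(rg.nextInt(maxRegistry))
            .append(' ').append(offset)
            .append(" R").append(rg.nextInt(maxRegistry));
        return line.toString();
    // … unchanged: JMP/JZ cases, with line.concat("JMP 2%n") becoming line.append(...) …
}
line.append(opcode);
for (int x = 0; x < numregs; x++) {
    line.append(" R").append(rg.nextInt(maxRegistry));
}
if (offset != null) {
    line.append(' ').append(offset);
}
return line.toString();
```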
@@ -0,0 +1 @@ +RET R0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ No newline at end of file diff --git a/src/pocs/poc3.s b/src/pocs/poc3.s index 29f75bd4b674892ac28200902d10eabb9754721d..8469c095a4c35c5656116ce51ea92be053fe2aef 100644 --- a/src/pocs/poc3.s +++ b/src/pocs/poc3.s @@ -1,3 +1 @@ - pw.println("MOV R1 1"); - pw.println("LDR R0 R1 65535"); - pw.println("RET R0"); \ No newline at end of file +RET R-1 \ No newline at end of file