Toby Murray / swen90006-a2-2019 / Commits / 1cfff28d
Commit 1cfff28d authored Sep 30, 2019 by Will_Zhu MacBook Pro
Merge remote-tracking branch 'origin/fuzzer' into Yuqiang-Vulnerabilities
Parents: d8bc76e4, 3618062c
1 merge request: !8 Yuqiang vulnerabilities
Showing 3 changed files with 292 additions and 45 deletions:
README.md (+10 −1)
fuzzer/Fuzzer.java (+20 −3)
fuzzer/InputGenerator.java (+262 −41)
README.md +10 −1
...
...
@@ -28,6 +28,9 @@ Proofs of Concept (PoCs that you should provide for each vulnerability):
Commands for testing (by Yang Liu):
<br>
<ol>
<li>
If you want to test with 0 total number of runs (fresh start), delete config.cfg in /fuzzer if it exists.
</li>
<li>
Generate 100 fuzz.txt
<br>
<code>
bash ./run_fuzzer.sh
...
...
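Review bot: The list item about deleting config.cfg gives its location as "/fuzzer", which reads as an absolute path, while the other steps in this section use repo-relative paths such as "./fuzzer/fuzz.txt". Suggest writing "./fuzzer/config.cfg" and adding a few words on what config.cfg stores, since the step implies it holds the total run count that a fresh start resets.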
@@ -48,3 +51,9 @@ bash ./get_coverage.sh ./fuzzer/fuzz.txt
Replace the './fuzzer/fuzz.txt' with the txt file used.
</li>
</ol>
<hr>
<h3>
How to use Fuzzer.java
</h3>
In Fuzzer.java, main, find the 'modes.add' lines. change them or add more to modes.
<br>
Those run mode will be executed one by one, one for each Fuzzer run.
\ No newline at end of file
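Review bot: The "How to use Fuzzer.java" section tells the reader to edit the 'modes.add' lines but never names the modes that can be added; the values used in Fuzzer.java in this commit are InputGenerator.MODE.CONTINUOUS_PUTS, CORNER_CASES_THEN_RANDOM and TOTAL_RANDOM, and listing them with one line each would make the instruction usable without opening the source. Wording: "Those run mode will be executed" should read "These run modes are executed", "change them" should start with a capital, and the file should end with a newline.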
fuzzer/Fuzzer.java +20 −3
import
java.io.IOException
;
import
java.io.FileOutputStream
;
import
java.io.PrintWriter
;
import
java.util.ArrayList
;
import
java.util.List
;
/* a stub for your team's fuzzer */
...
...
@@ -13,11 +15,26 @@ public class Fuzzer {
FileOutputStream
out
=
null
;
PrintWriter
pw
=
null
;
try
{
int
maxInputLineLength
=
1022
;
int
maxNumLines
=
1024
;
InputGenerator
inputGenerator
=
new
InputGenerator
(
1022
,
1024
,
maxInputLineLength
,
maxNumLines
,
"fuzz.txt"
);
inputGenerator
.
generateFuzz
(
InputGenerator
.
MODE
.
TOTAL_RANDOM
);
List
<
InputGenerator
.
MODE
>
modes
=
new
ArrayList
<>();
// fill the list 'modes', to arrange the generating order across runs
// they will go one by one across Fuzzer runs
// add enough runs to generate all the NUM_CONTINUOUS_PUTS put commands
for
(
int
i
=
0
;
i
<
Math
.
ceil
(
1.0
*
InputGenerator
.
NUM_CONTINUOUS_PUTS
/
maxNumLines
);
i
++)
{
modes
.
add
(
InputGenerator
.
MODE
.
CONTINUOUS_PUTS
);
}
// testing corner cases
modes
.
add
(
InputGenerator
.
MODE
.
CORNER_CASES_THEN_RANDOM
);
// total random testing
modes
.
add
(
InputGenerator
.
MODE
.
TOTAL_RANDOM
);
inputGenerator
.
generateFuzz
(
modes
);
}
catch
(
Exception
e
){
e
.
printStackTrace
(
System
.
err
);
System
.
exit
(
1
);
...
...
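Review bot: In the loop that adds CONTINUOUS_PUTS, the bound Math.ceil(1.0 * InputGenerator.NUM_CONTINUOUS_PUTS / maxNumLines) is recomputed in floating point on every iteration; compute it once with integer ceiling division, for example int putRuns = (InputGenerator.NUM_CONTINUOUS_PUTS + maxNumLines - 1) / maxNumLines; and loop on i < putRuns. The comment above the loop also assumes each run emits maxNumLines put commands, and nothing visible here says what generateFuzz(modes) does once the number of Fuzzer runs exceeds modes.size(). Since the list is rebuilt on every invocation, a comment stating that behaviour (repeat the last mode, wrap around, or fail) would help.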
fuzzer/InputGenerator.java +262 −41
This diff is collapsed.