added fuzzing encoding packets (extra colon 1)
authorMichael Rash <mbr@cipherdyne.org>
Sat, 27 Oct 2012 01:47:08 +0000 (21:47 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 27 Oct 2012 01:47:08 +0000 (21:47 -0400)
test/fuzzing/fuzzing_spa_packets
test/fuzzing/patches/encoding_extra_colon1.patch [new file with mode: 0644]

index 8479eb2..701c98d 100644 (file)
 [+] Invalid_encoding msg_type: encoded_non_b64_user_field_3, SPA packet: /Bisd9/rMnQ1C7KqYiN5sChavLH0wN9f3JmPhA/UwFkNcqhZCGoJErOWEM6OjFhdtr4FnxmNDy5GWlH2rHR522Joc9jWwvQNE6T377u3jUcRMuppl4mxPU9CJZH5lsYVWfDx390kMdkXa2eaccwQvJbtnydrvGD0E
 [+] Invalid_encoding msg_type: encoded_non_b64_user_field_4, SPA packet: /xpdOz8MhIo+MBn9wIkllSYQvOj0lUcbLXcs3RDYm5NIgzVEFckjBw5OnFVLhG09X2VLDMz0/R8VarWG8N6EY13Qz8RR37jrYEfuRudp2NHczPM17+4L2/ebxwRFNcnJEQc0r4eOU3TCxoaHIG04T/BS9z5YSlcn8
 [+] Invalid_encoding msg_type: encoded_non_b64_user_field_6, SPA packet: +1EnuVxcxmnE3U9zYSsxysZD6/po9wLQpRgpCLs1wQxZcfONI+32IdJVr8MVZ9ODKX1arPEII9pePaIV1EGQOJlhE2ctRmEWfVqg++yNUpWy9jXZAptxipCC7AH7Kv+g9pmfOClJ753Smr9JBhqJFGGalb0nAl4kk
+[+] Invalid_encoding user: encoded_extra_colon1_test, SPA packet: 8ufZNAJ6XkYpFRiI1HBJWofxfCRB5TrXRMuYP6y3VXJDH/EkMQYQ085JUPEGziizpNUijjYjv/xOFO8m5nJZ0tXLBa+6d0ZV5IvfWWUuvKudl3TOojFMQFuEmv0u0BsLnOeA0YB2/cXg7JbJlULgP9CtE7gYRhDvs
+[+] Invalid_encoding user: encoded_extra_colon1_root, SPA packet: 9PSHPHtARSu6eHIuOm2Yai7HdJIfOsaBBmPBwRe/YIqP27CAaDvza2AuoUGhIENVjsMVs1VZmN6VjaOI4wJcekfezfn1vL7p8BRND7ZJ6ZAW5XyEOXwboG46uytKEFtQbOoQei9nBrsFCCbQD4Nz8aF8CawSwOVlE
+[+] Invalid_encoding user: encoded_extra_colon1_mbr, SPA packet: +4TKYQS8nRPEHnV4TKHwfodhsN49NqUlUp3nCmm/XjRHTb7OyCDNiXPF/EI5fvfwzq6G5uDsX9zDik0jXkOwZ7XMWHmfpjJ8r3tqREP1eNRJzQ9fKpdJmIbIGM39bAWwR8yxlp/UjSpRb/txLs/vM3Dz9R4s7PjOo
+[+] Invalid_encoding user: encoded_extra_colon1_test-test, SPA packet: 9tdJhs2JWh2LK7AS2suTAot5H3ft6NuAbfqSCAEg4eB4kfRZL+sWgAXoiUVeE/p1wDl/gWTVXFnF9HMc58eJlHWPt2KbWvX1jynmWLUQwF1ARCoG0q9udFORBwqllK47nPgSYHqjX0Zt2P2vpa2TmJ7KeZMISW5s47VgLUQbWkBjbH+DkAttP1
+[+] Invalid_encoding user: encoded_extra_colon1_someuser, SPA packet: 9PrgyLnBPeiXkb8vb2dfs05t1hbLNQVmtKzrMwxuWoQnKnFL+0XSB2/O/wmnLqdWePavS/YHUffHxZ4CmNT6or7lFUFoQuMadKZYZ1lt77z6vTJmTFB0oyzxNEHQUP5jtfyi7W1s7cD+btL5yiKUTRJ1jSpLkim7o
+[+] Invalid_encoding user: encoded_extra_colon1_someUser, SPA packet: 9yzEt2l/jzLdsV5TzY0RCBr/fV89B/p+PJ6FA99kbtHNRC0EEQkf2yJHYcMldW1eJ9qJ/mlPdW5rDdnj19IPfmVMKS/W8eyEQci7g1/srBcVxm80TqfHWHKOQj0F8kqq7cC74nVnfnWhMbGR6nafkEFhSYfFGXVJk
+[+] Invalid_encoding user: encoded_extra_colon1_USER, SPA packet: +ZdIvvn4Gz+DU9WPbIdAZD1+NIblXU9+51hWpK2CIQYhrZzgsevCSMrDauo1zJJAjIfhcrE61PcOnmNiDT15HOM40Gc05I6bFVZv495CvBMt0KFKoELn1aBr1LLqSgohOC/dHgnKf1xUUK1NqWUL2CXhx2x12t5kA
+[+] Invalid_encoding user: encoded_extra_colon1_USER001, SPA packet: 8kXMKbVc+xlp24lb1+yUu5ePDi2MHD1p9lO+MndOuBgQzU69ba2+4GABclSU4v/tr15wCYXImKpWL3sePKyZmPA5Pgx1k+p+trySNEP4Q98CmIarbix/XaBqdXIDZ2BmMSavXd7Td61nCJY3eSVZaMik0l/wFBqZc
+[+] Invalid_encoding user: encoded_extra_colon1_00001, SPA packet: +RYLepQt2JCqm7B9KVLgKsFCWuxe9UstVWyzUzrQ3ko7uZXbURJp0/OykTweKwigYR3iyzv1Id6C3uFImiZ59Of+Vmgf1YwWo6CgTBgpelP+MNkQRgA7FX4+JK492KWBqqgRoeN0rtiI2PG39SWpIvISjxCAuh0zI
+[+] Invalid_encoding access_msg: encoded_extra_colon1_1.2.3.4,tcp/22, SPA packet: +oNDdtYBsd8T+l35F/MdBqcp2wJLCglDkkAfBYOJDmG1g7AYErCIpsuacF58ainCRxVKwhMWxYw+iAbiYGmXd8Yjc4MFwCkhYDcz2Ku0Y0hIM0lO+bEgFD9B55V/JNdqMrupGttli6E7qUtlt28A6AmKOZzWoIIwI
+[+] Invalid_encoding access_msg: encoded_extra_colon1_123.123.123.123,tcp/12345, SPA packet: +kN3uD94n170Ds2fgq5DPatHi5GRnbx6E+aSQdrQeQq+sFOl84GFHlBiJAkb/Y/a0OqLqKRNt6O64sWmROYa/xKTHpBPm6IJu2lpZshaG1zV+HnvvUA5YR5APM67AkkAP+w+G2O0NrqLyp4pMzU3yDgX6WYt6I49LdsbJd2WO5D2mOofM5eLD0
+[+] Invalid_encoding access_msg: encoded_extra_colon1_1.2.3.4,udp/53, SPA packet: /K3Mp8PdDRVbtJ119zHADoYYe4Dm/TPq2UMt0pMgcHAoEEjinuwP5FVmhmMrBZQkiOKTcZ1En+eHlsMniffGPoGAQYSo/pmGO+dxcxZKWsuu7xe+xMt9kLWHLHUrLMv0tU+skChjY3IJhJA+uJ0cGpA6DduTV9UGk
+[+] Invalid_encoding access_msg: encoded_extra_colon1_123.123.123.123,udp/12345, SPA packet: 8AcPFFFq1yusMpHGtlA3UBPztMZ3lI6zCCgTwfU4RSK1pPaj4Q9L28fsC0Ym41HELLg9FAlaXg2gpUPl/MVXQVNGzOi/5gZhVS083ve64Q7NUCM8hrBL3ppofTs5rc8vq/7bYiDauRrQk71QuhK5JpdIWPIvTS7TP52f9dJp/RJgqTg3VF4Oax
+[+] Invalid_encoding access_msg: encoded_extra_colon1_123.123.123.123,udp/12345,tcp/12345, SPA packet: +ehbNJAMcztKz2hl1jaq3LkrtwJcA11uzvbDbM5C0T3XCPyPQm1yEdq6u+kDCwmy1ZsqLMu/hTRoI7IBNC9T/r9IzT/bNow4y68h5CxoWnu/kst6B3rl025UGbeE5RVn25hAHPOtwKuioGil2nRkA1T4k5C2D1dADwWlnqnJ1RQejzdDuAsoGgDUz6C/DBB35qNtNz+hDVfw
+[+] Invalid_encoding access_msg: encoded_extra_colon1_1.1.1.1,udp/1,tcp/1,tcp/2,udp/3,tcp/4,tcp/12345, SPA packet: +EJSOlTuaoGx0Xe45iLHv0nhfige7jwVSOTHl9Xu0R7TSsxJL3tSQKR8a2wtF1zLRZZI6uH7Ph6lZDNhpr9T9kSsQfEDu4jAtpYfdwk7Q1Sv2ejSBJAF5GvA462BrcvM/mNzNdGA7ZxRNw97SLtkguYS2a9Th48qJDU3X7/MqgYZFd0jiPtGHEPmcd8WVpjDl4cUZlYXOmejkbcSx8e7AXcb9k7Nnl8ww
+[+] Invalid_encoding NAT_access_msg: encoded_extra_colon1_1.2.3.4,22, SPA packet: 9FBMmDYMmXDvkknP0bY0bj2rPzw2EobuI/yvASmBmzOmwNDGP6igiOQ7RH3GFCbXbHamXAh1VekL9DAggEM7rKOI+KddaSWr1Pflgbc4dCDx7iQWvqjW6/6ssAw2QfeVOlg26KjCOs7x2VJSl0mkKDEq59UgPoArVBTfYKHhBSTIQLCt391uzC
+[+] Invalid_encoding NAT_access_msg: encoded_extra_colon1_123.123.123.123,12345, SPA packet: +dINt8byBlJP6OZhSlr6x7T4xS5yWH4b75UVV4QmdHLGzWqohWJHCqBgQu7U5nyyv9bjxahTvIeVZ34oYymN0Sj6yXhSY0afyXoleGfcyeCyxmQIsnO9Yvqr4NO5q3z/Ck85gTKGSXFYSVa/um95oQSJr9ZFW7NGn9B6GB/T6mJUAwbITZ//4M14wvvA7xHz9hW02Svk7byg
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_1.2.3.4,cat /etc/hosts, SPA packet: 9YwahlA5BpsDdeTzMGEt75wiVDwzSg2aYEfaq06k9vbnsI2TwhwfWc5qcID8KD5uXJ4DZA39Ru0JuaaoO2ZD/cSY/INEUoX5il6yMOpu/An2P68GqgOraqKdIV0rsn+52cHah2Y/CuqAx4Isya30giqO6oF4ciPRCexq5zwvs9WmfMIMjZdBqv
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_123.123.123.123,cat /etc/hosts, SPA packet: +vWlxs8rRL+StBjCByhcZxeJJq6gV+AJRj4pZz3w3hLwOwK1s+dHcmUjVs4BuUoq+4zIGAQpvzVs6cD9Uk6pot3YscFakT8LDXzlXnRtX76MRY6C3Yf0XrZFtVbdTc2C4AJ4ZplloyR2OcKVtWsGO00KDRNOc/rJj5KsdELK9wcWOm5Ku4Y3qN
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_123.123.123.123,echo blah > /some/file, SPA packet: 9/3hGy0OVttSZpEbWtOQp/9R3NpqOAMg/F9o1EL5I5bZTM17Iv9WXzEyFyKaW/ksyuZqXND20kw1kfT5dsn9MjC53O9EGZmguiUHnnFinEjcMP6XA0+I5oLf/Lf9RIJzxfkwB/NEPE80PXWtLbcdkX6b5zqtRaUbB/d6CdtLZXwaSnOYf77j3c6MKn+DpKPQfTUWrZiPzqFg
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_1.1.1.1,echo blah > /some/file, SPA packet: /Yc+qBuTOnA8HewvGvGMAKUxcSEg31a8QuabLcWWf5/XDWYXHGY7oQiHRZjLkRSgpB7ObSo4+rOlAE2p3/lbnUnEWa6aGCUBWNrHOmBdb/u5O4ygUFaIDVrDx5JM+R5GdWxDMayKvrn9CgxLQoUIdj7dxqOJp1e5bHN4iee/+mPmqwoxV/56Ls
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_1.1.1.1,AAAAAAAAAA, SPA packet: 8rpAQN/YY5t/yhspp1BQJ+0iTGpTOaU4QrMtYR8ltQ97PYLRFZHASJHzlE8Kk+32SZsZDiZEPQSd2aqvF8nYUYzn2vv31/6De83aCqxknmw/VfrJHjsXy1adqnqjovR+3FVDjTxMOLt2IuRh6Ccj8SYhWQg1eSv4U
+[+] Invalid_encoding cmd_msg: encoded_extra_colon1_1.1.1.1,AAAAAAAAAA:, SPA packet: /9R63l24m3QPrHsbWyCXReQYW0DwBoqi69ykc62PGhb2YmT/2dG06v1GPvBusxHIYMks9AyZ+AZsqAtyHCaYGwwOkj5PQ7FPlVNSzVEeGF4Kw7Oqyyf1f8SSprBHCCaGIfLd4dsWGi02609XZ30WFQ0Uxcknl86LyXr5VSjRGrzzfdooZNWma/
+[+] Invalid_encoding msg_type: encoded_extra_colon1_1, SPA packet: 8ID8cZOn7g6f+zZfJdxyO3PduUByMil7f9JPBVLGj4HkztCFy64XUYdh9fnH0pJDr/0jQADEYhMKOUEzpeCYyEX3tjBzuZ14wNxDpQDw3MAXYElmv+5/8o3Q4Ctnw2WkjYDyrTF0xP3oxJtJd3aA/eFtndKHNevyk
+[+] Invalid_encoding msg_type: encoded_extra_colon1_0, SPA packet: 9no1f8Rj0EbZ/bkgFIhFSQTSq1b4A9l3NX9PrJZNmHPr6mInGpmCXqVfHC2yiBkWnmk7olvDl/FMCmpDwafHIUk3iacdWmT6TyKLhYnHvrsg3rZ2WvlOtYE0YUcrUsn9HhzkmKS3ThJ85mRBX80YAr5fDWSgkMmBs
+[+] Invalid_encoding msg_type: encoded_extra_colon1_5, SPA packet: +NWRBhLIt/oWGJtw/8FRpumbLqdydtfEOEaxw7PZa9rXE9p9dBTwEFj8SlYPxFPzXgq1WloGHpzoFQgxCRMV3DVv0OFWuaXwmZZwfL4TDuQbwomEW3Il+6fY2TZM7bEOThlHe7NIMhsGZ5BmdeEStgoXXW4eWoBRA
+[+] Invalid_encoding msg_type: encoded_extra_colon1_2, SPA packet: (NULL)
+[+] Invalid_encoding msg_type: encoded_extra_colon1_3, SPA packet: 9dncfOufp5bLMMw8xu3wXAYPU2p3Q+cze2UUiz/20v7Djw8U6j6x9FO2ECo9gITS1dkan5yzC5GNHW01HP82/z+YnWDT7bXafhb5yeT6K8EsCwcN7Gf+yrw2Xf+qsg2+cnUOwDnp8TQyqgwX8xJtSsnPWbTTRaZP8
+[+] Invalid_encoding msg_type: encoded_extra_colon1_4, SPA packet: 98C5aaw2Fz63xNcXdhi9GmJbWaZPO4BayvtfILyW4DiRmm3qOAQZjyfuIEJrxEvLL1F4/JZLeUysBGHuvab/fq1cidpuk9FBJqMfs61se55OgBc8lGa6kSLX7JbvA2z9XHvL5JLaCvzM2CpTkTUl0wRlwxPZDUUfI
+[+] Invalid_encoding msg_type: encoded_extra_colon1_6, SPA packet: 9CxlGjInV5Fu4SM0vzanOVp3mcy/fkfhFSi/Rrm5CXRPaISFTcKqRgp0h9Lzd6SOVxvdZzWeXOjFW+SY8m1PXSXkKOa5UKkntjJ7Oiu4RRVAErcwf3cQ75Ww06u8E5vPbQ7ki4hVIUi9RoVKN9CY9k0KagELVacCM
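Review bot: The added `msg_type: encoded_extra_colon1_2` entry records `SPA packet: (NULL)` instead of an encoded packet, so it is the only one of the 30 added cases with no payload and gives no coverage of the extra-colon encoding for that message type. The generator presumably failed to build a packet for message type 2 with the options it was given, but the reason is not visible on this page. Either regenerate the entry with the arguments that message type needs or drop the line. If it stays, whatever reads this file should skip entries whose packet field is the literal `(NULL)` rather than send that string to the daemon, otherwise the result for that case says nothing about how the decoder handles the malformed field.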
diff --git a/test/fuzzing/patches/encoding_extra_colon1.patch b/test/fuzzing/patches/encoding_extra_colon1.patch
new file mode 100644 (file)
index 0000000..a33d988
--- /dev/null
@@ -0,0 +1,13 @@
+diff --git a/lib/fko_encode.c b/lib/fko_encode.c
+index c92d421..e8909d1 100644
+--- a/lib/fko_encode.c
++++ b/lib/fko_encode.c
+@@ -105,7 +105,7 @@ fko_encode_spa_data(fko_ctx_t ctx)
+     /* Add the base64-encoded username.
+     */
+-    strlcat(tbuf, ":", FKO_ENCODE_TMP_BUF_SIZE);
++    strlcat(tbuf, "::", FKO_ENCODE_TMP_BUF_SIZE);
+     if((res = append_b64(tbuf, ctx->username)) != FKO_SUCCESS)
+     {
+         free(tbuf);