[+] Bogus msg_type: non_b64_user_char_-1, SPA packet: 9joMA/frW89LuwII4+/Woq2EfzrgvrB18vJdKzD1A3mWJzRTEtHZkqy2MZrEtpOz9p5NRH/tS6pqGZgYftvQyh7MerCwbqgBEgH4O57MI5rv50KGnYi6R5NNIX3/ECio81ukLMyyONO1HZEIJLoUhD56FYdfu86xQ
[+] Bogus msg_type: non_b64_user_char_-2, SPA packet: 8fFmjUFNvSnm7ZAugLg+1wWkq/4YU0jn7iA7s8Ii4ii5muo7UXNI3WKHIYVK6k6Jx+ELmhJcYIjD7rfTfWKyK/PLfapCvcDDqdZ4fRf/0dX7yQyMKEWRTtn7/pevKxtj6u5B6CW/dzLHmVMHhh+LMkITrlIaUGSxo
[+] Bogus msg_type: non_b64_user_char_255, SPA packet: /GUVf0x5GkoXnO7VmgqwjzBuYGUcJkBj8sKpwe96MGgQa2VI9c83R2XJk+E5kIyX6HugN2ND8WG4znaWfrm4qIxZL24H6oG26k6Ffpq9NnrE/sE7u/rI3s8IXk8QLNLBLObcAc0dlZd8mdCbO2qbdHRd4t+/hu490
+[+] Invalid_encoding user: encoded_colon1_missing_test, SPA packet: 859TVR5TxVu3Gm/d4405AxaWtmsZ3HhFJMGGr/Dtt9GBgFExtYirxjTnp7CxcwcyeaShJj7puZwuDZqk3nzCNZWfam6QwTPo9LywOunpiU1ejxPCGY832EYnv9WXQ8WgchKRY4mVV2+zhqXe4MwcyUgbIye05hSM0
+[+] Invalid_encoding user: encoded_colon1_missing_root, SPA packet: /DjgfVCvxYNtCK3M5EA7+nK8EM+wMxvuuS27o6OD5StyDUy7jvhBUJgycouPrWNSUtXdkXu3BH8d6Uc9qdjvU6gv/XmRTO2vKzgw/ivldD0fTleadiOz9ka23kXRFSQDdw3/rF5BQo9x/0raxpzguakOZAl/wLKlc
+[+] Invalid_encoding user: encoded_colon1_missing_mbr, SPA packet: /QpOj9Io0yknOT7dQjj/aT3Zc9QvudSi686iZRiwgpZtmIuKOD9Zp03pC6gCSAp0VkjDv3pDmi2vq8bp0vVB5Adqc3Vzn4iy2yQtzTp/6RIkK9tWdiw0KGeFXu+UYVsiFSPrk0QS1ntNVuSO72KsNQ0iqzKK9dWQg
+[+] Invalid_encoding user: encoded_colon1_missing_test-test, SPA packet: 8jJihpMzEfMTy307mdxhjWsvHiVfJDzLzhmH1twZJyNT4RGhh4xp+0w+6gONvttX5USK8H2QKi7rb2sYph1NBuVa28kIvUdFMKGmlmF3LBr20xWBO0L8x8J54jo+BLzLFeBjBChBfJPnnt2WTO/FoXKFS72+fknkY
+[+] Invalid_encoding user: encoded_colon1_missing_someuser, SPA packet: /dI/wd/u9GPujMh3OTY0LZ0SOOD3iFy64LXwg8Q+pmNrDGP+F501uZLaC93RjhUQHUsKUE9w5SsxHzXsm1H5OicASbVm+Gzjp6YPNT5eINU+QL/ed2oPnuMX7EFZ7nitUOZPGAJM69QO+PiNqwR9ZC9Z9xYfB3WSQ
+[+] Invalid_encoding user: encoded_colon1_missing_someUser, SPA packet: +JdsYyFBtyUqQRv2jvuX70Y+onNNfh920qxlvQIiHNCGsGvkaUP8QkUHeTmJTxHISEsZ+K4j6boGvqHohO6tPnOCU1JNZfBGEPeaBixhQObhntufBqo+NdXAyFHqmesiH9zHA/YOKibsAYs31j0DLYVHaBj5nq/DE
+[+] Invalid_encoding user: encoded_colon1_missing_USER, SPA packet: /pG9XIghf8Co9oq3ftzYVuLFFNq9oRibxsA8fZKUEMYFQp6QetD0z8cJrmnJGafdz0UcrVweQIMfYRvK+ZpEQ5mKEqzEK8QJEMCmGYun+CF/cgOhFwOKjlORtu4lpC1B9NGA+kCR8UslFI9izMu8O5IgV0YPHrFgQ
+[+] Invalid_encoding user: encoded_colon1_missing_USER001, SPA packet: /8ZPmNEXliapp0b5GtXdtgNOasACFjf7ATKNBplWUIMQ3RPCrh3egX+0OQpsu+7Uqiy0GRc17wLN1n69qaCzKzduZKkwA4lB7oca4T4P/59/HVIULAOQ+hkV5IXbp1G1y+FDREtmcNFH887RISHzOW8QLUQExYse0
+[+] Invalid_encoding user: encoded_colon1_missing_00001, SPA packet: 8EikreH4mra4B4Iw81xK0MZa0bogk9PBVyNivGBJ/Xg82UIoykNtKuGtrlJa5q1X0xtx1oYF/fxFJBWbMSfw2HRN0bNO1LT16Du+5e6xAvXbeum4r2koKTdxod6YlngMmkVpY+BgRNzM7LzvUBAsYwiNJCOptF3SE
+[+] Invalid_encoding access_msg: encoded_colon1_missing_1.2.3.4,tcp/22, SPA packet: +CWzA0srcKhbWhYJnW4wCC/VYfEGlKouC8HazZ/Eu3+p6CrpGLWdV6MoecQmY0GE++mqrg5bqbpLbpOGcHENAz/tfzUBX0VK57y9mGdjVnYw7qDQyGeaPgXNSmAWL/4vsWHHEZ7hbr/+tBLILhr9h57g3vtT1snRo
+[+] Invalid_encoding access_msg: encoded_colon1_missing_123.123.123.123,tcp/12345, SPA packet: 98g0Xsg2eiUxh54W2JEEh6/WetDiyBEtcrVJ8JTYII92DuRhhrHcoRttNU753sOiVB5CxjyB6kk47rOXBj5uzN+bFOzCyg+v9vBak8ylP66zXQFhvRrVN0U9/+8YuEKnSTd4lTRgxSFqvVwGDwCr3QdmYd5CgOhi+CWvhtQNdiQsbjImmjNxas
+[+] Invalid_encoding access_msg: encoded_colon1_missing_1.2.3.4,udp/53, SPA packet: 8nm/CVql1Ayg0GGCa/jCet3yZU9LfrdkKA0EGEDPhtgU6ub+pHQ/85kiSFxcmx5XA0E10ZwAUCLcEbF5rVDnOD4GOdeGrYHKi5toAYOflkD7dTMfHaXdYbwjX2c3wgP/VdXgaGJWteI84VCeAErI4r8up8qMn3nts
+[+] Invalid_encoding access_msg: encoded_colon1_missing_123.123.123.123,udp/12345, SPA packet: /4h6Y7PvJvaznlDjZuow4yTkdSSrV7g1wR9xr7A4wqaguDINnNoEMPIgwe8NMEbdr2/PzD0h5v9K1xTiQseWtBTlnGKiImH9FJ3roUugofkOAObYht5zIM0dRN3MzmN6/nTBX4tEKEQHkKq6tNwj+5kVabJH25OGs8JSUeAJKVvhexJdtBV49J
+[+] Invalid_encoding access_msg: encoded_colon1_missing_123.123.123.123,udp/12345,tcp/12345, SPA packet: /fpj1225rEBEs9v23g1sZ7ys5t3AXTQ12ldSHoFqi1I6vQLLH2dBaR7JIr/nQEp5gfnuYY/RxjSZsItp8utZdr7pTC1FvdMXWy28s5257WZnIgEfUZKiCmu7j8SxKcViNCjgMpojFePE+wK2sGvyCiQ95R5+FV2ieQF84Z15la5nESY+uu20pQOTnYDhiqpIkMSpZBUksi6A
+[+] Invalid_encoding access_msg: encoded_colon1_missing_1.1.1.1,udp/1,tcp/1,tcp/2,udp/3,tcp/4,tcp/12345, SPA packet: /oD3cGN0tItROvlcsNP5h8ajVTD2lJSrtLGrc5XUt1CO/6L/rl56uotfTztChyypUOmBTufC/kTak9cUTRZfWBhlsPCdtdo0SoQo3xU7LtO5s7qkyk8DhwEtjfFvWRbKOQjGUd33w3NZMkpKf5d2Z5WG6Agci7CAso/c0nNRyoPO5ec71DPTPZ4zAqyVFtO75pHLq6kbJ2yur8Fc50xtQ4bGYJrn8B37w
+[+] Invalid_encoding NAT_access_msg: encoded_colon1_missing_1.2.3.4,22, SPA packet: 9rQMouB0yw42ySvPU0eg11XtVKl3Tk2MhIhCcVCFwqXJZrvYxNMF9BjRk6fK9269OrimGbAkYpO6/2HkpwPdd6jbkTZjhDsZSMbifnZhnmci7A8TrwkYYFjBHPgSCZnH46QUzDHSRHPvdjTYeVw/WBQ9iY9ZWLaQ2k3ketVR2lj0EVx07xKGQy
+[+] Invalid_encoding NAT_access_msg: encoded_colon1_missing_123.123.123.123,12345, SPA packet: 9VcKWxWmtNtiejubKoStEOL5DrMqpjsyUqd1O9nj1EMXwUuTrcmvpkrRDXj9WDTzDSRGs9bXEqIG63j7D+V7Ub1vllzZsO8fvuQ9bAoNn7UBTF2xKaYA1EOmRmTu2KP7mI4Y2v9qIXRsKWKYSNS0U/+t7QTi0lHrnve23sKum9Vxzkj06PDJV6qUhXoeYq0iFqF+jE4GiCSA
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_1.2.3.4,cat /etc/hosts, SPA packet: /p18C61k5N11B82Fj5YDWyksSkUi+Ki8DJkFl+3sRIG/dv7q4J3SjqjM3mDaKLv+AVVwoD6BXRc0cteILG9Rr5EA11K33384NN3e83DWCoGLMBbHpfX82BiiZDUi3ma/Z1VcrHgYHZHkCZO7M5LhfHq24kcBKJuAsOZi3dkvDNlBGJR2hW0dy6
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_123.123.123.123,cat /etc/hosts, SPA packet: 9LS7egGRu8BK9+4/9uJs47hJc5PpvfOKpcfZsWNUXLjcsE12z5R4vEhH/Qs7NQ/5/fBlvlvOTM9ph7oPLtomUgkFSPTAOb37qahsECqgrToD9kxGaw/qCaX1Fnm9pvtN+e6Bfd5mdI7gPwHtARbcsKoncY7yrBiAQtBLflkBBuGfJkbocTTUR+
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_123.123.123.123,echo blah > /some/file, SPA packet: 8SgaG6RZ06x0UcNfXNK2DqZtzw0cj3THAwAlA3bxVNNIVdKXsNIam3bKR1tf6lP2mu3d0zYUTTgqj7kEYAe/yCk+R73awePHWg0A/Zjd06ph0dK7cdt4Tl1Pca+uRHmBK5NU7/1EjuPSrbtYOS7YTSl+r65qHYMi2n6cxYQiohPZfIEI6AfbqiOPrmR3p6lbuJd3LmIe7q7w
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_1.1.1.1,echo blah > /some/file, SPA packet: 9yUb1EBe6AlMveVQMaDOvnvgCEuSy//Lw8/ks+XDibQlbH5zlwlLD2sI+ApFuOm+dCj2OkfRSLxRphNxIjJsaPIce3ZW0pyl5tSJG2aUz04zeEiQXo1GL8IDzSkY6XkDj1e26qKosIVAfiihb56/c3gGJFPrWE7FBtoOplNqMLfKh8RDlG0GSf
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_1.1.1.1,AAAAAAAAAA, SPA packet: +nln0u5WeSKPXpdLUOU15xpLLy2sIImPVlyWo/rP9iH8Flg4K3msXauzZjHYcc6IEgTgtdP0un1EIv6wedaGu1fj2c87I/VhbfzK9TTRMFHX5pG2hjcWXq46BdLcOUIwB8lsfjVRwYCNd9feKLRsBixHa4Dhpbw9g
+[+] Invalid_encoding cmd_msg: encoded_colon1_missing_1.1.1.1,AAAAAAAAAA:, SPA packet: +iJ5Rl+X8wgFNe6A2lmMjt04ipOECVnAuwYvWPQeBAagbVrxce0YBMmavVKG/yNz6XVeS0j1D33yHZXlftVGD2irdU8MxVVDVhKED/DDTERDN0gQ0RVmHErLqFt/kiM/+LRL+kS8p2hmUIS2GbJISR0Iey1l3gF+E
+[+] Invalid_encoding msg_type: encoded_colon1_missing_1, SPA packet: +RgnJzXuRuEswe8pDOzR9u5Tvt83+gNNWDEHIMVteuIACg+HQG5HvIqXZRElHFMYoaOlIGESlguo+yYMc2+PNQdnl5qL+BYZ4LLh+nf+rDAwQQ5Ck0x43Fqxvz3YvDP8jCgeWVK+jKOY+qLR1d0IDT2owIIqXQqyA
+[+] Invalid_encoding msg_type: encoded_colon1_missing_0, SPA packet: 8XYBquKvmrO+93qwYF3kDd/HBRAv4GYk7+lPAn8eFCOGb8UTGYL2XwfYhqmvD/QKCrMAktGSp26mMefyIXbub929SUpJ057OO5eJkxjV/N4/oxAS3z2x8RWFouohL6hAkpER1SeRukUcvzLG/JTJ1Brww/kp+biWQ
+[+] Invalid_encoding msg_type: encoded_colon1_missing_5, SPA packet: 8gJjUcD4P/uA/m0Pnzl45fp7+Wh+btLYVWU1lGS0wUoUBEveCC0Xgf9nmagD8cBF8Q4okAomf80dmAxSPj+VZ6LCGXQtzHU+Zbz3mcshTo4XyAd62V1XX/cuWUHQt2sNMubVes0MR3HfrRGwI0O9EtUmT5kDkH/L4
+[+] Invalid_encoding msg_type: encoded_colon1_missing_2, SPA packet: (NULL)
+[+] Invalid_encoding msg_type: encoded_colon1_missing_3, SPA packet: 9QWav9tRaEnnkXI2NWsUsD+f/zDpkysqLhaMzTPtZPaVY1swJuwJ1my3RXHMsc9NFREm2a7rcw4d4/2rM1RxaPYrDXLeuhL6OoYWc/kdHgUk/c47kHwdlX8nMExevM3LmsA0PNpS94oZ3OS3vFiMe1R2XXRMUk3ic
+[+] Invalid_encoding msg_type: encoded_colon1_missing_4, SPA packet: 9hMSn1ynd9JMJFB2t6GgoNGmcHNHXYJ2XmhOhY6QbLzUmus+n77FO0METjtxVGN9G4dimgRBl4UktvVHXfzPvMuyCn3M1h8tisNM7/ucP9cyvr5NfonRu7Sc3G+T5Z9FFrvrFwQ8qqmGxweuoXI9ezuvxZLfXIxy8
+[+] Invalid_encoding msg_type: encoded_colon1_missing_6, SPA packet: +XWx5ZBy2SfRNyusioAHLqVrbR+9XXH21DIhTqUZArmVsNci8U0aLuEiiH0cA2o7NzoWXrN+47e1WdOiX/8yvGleKlqLoR7xBv52ZdpwgRlrDUsKkFHyFpuQMKu3V72cvQMClcAFtSzPegPl2t5KD1q119IlxbxZg
my $fuzzing_key = 'testtest';
my $fuzzing_num_pkts = 0;
my $fuzzing_test_tag = '';
+my $fuzzing_class = 'bogus data';
my $server_test_file = '';
my $use_valgrind = 0;
my $valgrind_str = '';
'fuzzing-pkts-file=s' => \$fuzzing_pkts_file,
'fuzzing-pkts-append' => \$fuzzing_pkts_append,
'fuzzing-test-tag=s' => \$fuzzing_test_tag,
+ 'fuzzing-class=s' => \$fuzzing_class,
'enable-recompile-check' => \$enable_recompilation_warnings_check,
'enable-ip-resolve' => \$enable_client_ip_resolve_test,
'enable-distcheck' => \$enable_make_distcheck,
},
{
'category' => 'perl FKO module',
+ 'subcategory' => 'FUZZING',
+ 'detail' => 'generate invalid encoded pkts',
+ 'err_msg' => 'could not generate invalid SPA pkts',
+ 'function' => \&perl_fko_module_assume_patches_generate_fuzzing_encoding_spa_packets,
+ 'fatal' => $NO
+ },
+
+ {
+ 'category' => 'perl FKO module',
'subcategory' => 'basic ops',
'detail' => 'create/destroy FKO object',
'err_msg' => 'could not create/destroy FKO object',
}
if ($enable_perl_module_fuzzing_spa_pkt_generation) {
- if ($msg =~ /perl FKO module.*FUZZING/) {
- print "\n[+] Wrote $fuzzing_num_pkts fuzzing SPA " .
+ if ($msg =~ /perl FKO module.*FUZZING/) {
+ print "\n[+] Wrote $fuzzing_num_pkts fuzzing SPA ",
"packets to $fuzzing_pkts_file.tmp...\n\n";
exit 0;
}
$rv = 0;
}
- for my $offset (@{&valid_offsets()}) {
+ for my $offset (@{&valid_time_offsets()}) {
$fko_obj->timestamp($offset);
return $rv;
}
-sub valid_offsets() {
+sub valid_time_offsets() {
my @offsets = (
9999999,
10,
return $rv;
}
+sub perl_fko_module_assume_patches_generate_fuzzing_encoding_spa_packets() {
+ my $test_hr = shift;
+
+ ### this function assumes the lib/fko_encode.c has been patched to mess
+ ### with final encoded SPA packet data just before encryption
+
+ my $rv = 1;
+
+ my @fuzzing_pkts = ();
+
+ USER: for my $user (@{&valid_usernames()}) {
+
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ die "[*] error FKO->new(): " . FKO::error_str();
+ }
+ $fko_obj->spa_message('1.2.3.4,tcp/22');
+ my $status = $fko_obj->username($user);
+ if ($status != FKO->FKO_SUCCESS) {
+ &write_test_file("[-] Invalid_encoding user: $user triggered a libfko error\n",
+ $current_test_file);
+ $fko_obj->destroy();
+ $rv = 0;
+ next USER;
+ }
+ $fko_obj->spa_message_type(FKO->FKO_ACCESS_MSG);
+ $fko_obj->digest_type(FKO->FKO_DIGEST_SHA256);
+ $fko_obj->spa_data_final($fuzzing_key);
+
+ my $fuzzing_str = '[+] Invalid_encoding user: '
+ . $fuzzing_test_tag
+ . "$user, SPA packet: "
+ . ($fko_obj->spa_data() || '(NULL)');
+ $fuzzing_str =~ s/[^\x20-\x7e]{1,}/(NA)/g;
+
+ push @fuzzing_pkts, $fuzzing_str;
+ &write_test_file("$fuzzing_str\n", $current_test_file);
+
+ $fko_obj->destroy();
+ }
+
+ MSG: for my $msg (@{&valid_access_messages()}) {
+
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ die "[*] error FKO->new(): " . FKO::error_str();
+ }
+ my $status = $fko_obj->spa_message($msg);
+ if ($status != FKO->FKO_SUCCESS) {
+ ### we expect that a patch has been applied to libfko to allow
+ ### fuzzing data
+ &write_test_file("[-] Invalid_encoding access_msg: $msg triggered a libfko error\n",
+ $current_test_file);
+ $fko_obj->destroy();
+ $rv = 0;
+ next MSG;
+ }
+ $fko_obj->spa_message_type(FKO->FKO_ACCESS_MSG);
+ $fko_obj->digest_type(FKO->FKO_DIGEST_SHA256);
+ $fko_obj->spa_data_final($fuzzing_key);
+
+ my $fuzzing_str = '[+] Invalid_encoding access_msg: '
+ . $fuzzing_test_tag
+ . "$msg, SPA packet: "
+ . ($fko_obj->spa_data() || '(NULL)');
+ $fuzzing_str =~ s/[^\x20-\x7e]{1,}/(NA)/g;
+
+ push @fuzzing_pkts, $fuzzing_str;
+ &write_test_file("$fuzzing_str\n", $current_test_file);
+
+ $fko_obj->destroy();
+ }
+
+ NAT_MSG: for my $nat_msg (@{&valid_nat_access_messages()}) {
+
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ die "[*] error FKO->new(): " . FKO::error_str();
+ }
+ $fko_obj->spa_message('1.2.3.4,tcp/22');
+ my $status = $fko_obj->spa_nat_access($nat_msg);
+ if ($status != FKO->FKO_SUCCESS) {
+ ### we expect that a patch has been applied to libfko to allow
+ ### fuzzing data
+ &write_test_file("[-] Invalid_encoding NAT_access_msg: $nat_msg triggered a libfko error\n",
+ $current_test_file);
+ $fko_obj->destroy();
+ $rv = 0;
+ next NAT_MSG;
+ }
+ $fko_obj->spa_message_type(FKO->FKO_NAT_ACCESS_MSG);
+ $fko_obj->digest_type(FKO->FKO_DIGEST_SHA256);
+ $fko_obj->spa_data_final($fuzzing_key);
+
+ my $fuzzing_str = '[+] Invalid_encoding NAT_access_msg: '
+ . $fuzzing_test_tag
+ . "$nat_msg, SPA packet: "
+ . ($fko_obj->spa_data() || '(NULL)');
+ $fuzzing_str =~ s/[^\x20-\x7e]{1,}/(NA)/g;
+
+ push @fuzzing_pkts, $fuzzing_str;
+ &write_test_file("$fuzzing_str\n", $current_test_file);
+
+ $fko_obj->destroy();
+ }
+
+ CMD: for my $msg (@{&valid_cmd_messages()}) {
+
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ die "[*] error FKO->new(): " . FKO::error_str();
+ }
+ $fko_obj->spa_message_type(FKO->FKO_COMMAND_MSG);
+ my $status = $fko_obj->spa_message($msg);
+ if ($status != FKO->FKO_SUCCESS) {
+ ### we expect that a patch has been applied to libfko to allow
+ ### fuzzing data
+ &write_test_file("[-] Invalid_encoding cmd_msg: $msg triggered a libfko error\n",
+ $current_test_file);
+ $fko_obj->destroy();
+ $rv = 0;
+ next CMD;
+ }
+ $fko_obj->digest_type(FKO->FKO_DIGEST_SHA256);
+ $fko_obj->spa_data_final($fuzzing_key);
+
+ my $fuzzing_str = '[+] Invalid_encoding cmd_msg: '
+ . $fuzzing_test_tag
+ . "$msg, SPA packet: "
+ . ($fko_obj->spa_data() || '(NULL)');
+ $fuzzing_str =~ s/[^\x20-\x7e]{1,}/(NA)/g;
+
+ push @fuzzing_pkts, $fuzzing_str;
+ &write_test_file("$fuzzing_str\n", $current_test_file);
+
+ $fko_obj->destroy();
+ }
+
+ TYPE: for my $type (@{&valid_spa_message_types()}) {
+
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ die "[*] error FKO->new(): " . FKO::error_str();
+ }
+ $fko_obj->spa_message('1.2.3.4,tcp/22');
+ my $status = $fko_obj->spa_message_type($type);
+ if ($status != FKO->FKO_SUCCESS) {
+ ### we expect that a patch has been applied to libfko to allow
+ ### fuzzing data
+ &write_test_file("[-] Invalid_encoding msg_type: $type triggered a libfko error\n",
+ $current_test_file);
+ $fko_obj->destroy();
+ $rv = 0;
+ next TYPE;
+ }
+ $fko_obj->digest_type(FKO->FKO_DIGEST_SHA256);
+ $fko_obj->spa_data_final($fuzzing_key);
+
+ my $fuzzing_str = '[+] Invalid_encoding msg_type: '
+ . $fuzzing_test_tag
+ . "$type, SPA packet: "
+ . ($fko_obj->spa_data() || '(NULL)');
+ $fuzzing_str =~ s/[^\x20-\x7e]{1,}/(NA)/g;
+
+ push @fuzzing_pkts, $fuzzing_str;
+ &write_test_file("$fuzzing_str\n", $current_test_file);
+
+ $fko_obj->destroy();
+ }
+
+ if ($fuzzing_pkts_append) {
+ open F, ">> $fuzzing_pkts_file.tmp" or die $!;
+ } else {
+ open F, "> $fuzzing_pkts_file.tmp" or die $!;
+ }
+ for my $pkt (@fuzzing_pkts) {
+ print F $pkt, "\n";
+ }
+ close F;
+
+ $fuzzing_num_pkts = $#fuzzing_pkts+1;
+
+ return $rv;
+}
+
sub perl_fko_module_full_fuzzing_packets() {
my $test_hr = shift;
open F, "< $fuzzing_pkts_file" or die $!;
while (<F>) {
- if (/Bogus\s(\S+)\:\s+(.*)\,\sSPA\spacket\:\s(\S+)/) {
- $fuzzing_spa_packets{$1}{$2} = $3;
+ if (/(?:Bogus|Invalid_encoding)\s(\S+)\:\s+(.*)\,\sSPA\spacket\:\s(\S+)/) {
+ push @{$fuzzing_spa_packets{$1}{$2}}, $3;
}
}
close F;
for my $field (keys %fuzzing_spa_packets) {
for my $field_val (keys %{$fuzzing_spa_packets{$field}}) {
+ for my $encrypted_spa_pkt (@{$fuzzing_spa_packets{$field}{$field_val}}) {
- my $encrypted_spa_pkt = $fuzzing_spa_packets{$field}{$field_val};
+ ### now get new object for decryption
+ $fko_obj = FKO->new();
+ unless ($fko_obj) {
+ &write_test_file("[-] error FKO->new(): " . FKO::error_str() . "\n",
+ $current_test_file);
+ return 0;
+ }
+ $fko_obj->spa_data($encrypted_spa_pkt);
- ### now get new object for decryption
- $fko_obj = FKO->new();
- unless ($fko_obj) {
- &write_test_file("[-] error FKO->new(): " . FKO::error_str() . "\n",
- $current_test_file);
- return 0;
- }
- $fko_obj->spa_data($encrypted_spa_pkt);
+ my $status = $fko_obj->decrypt_spa_data($fuzzing_key);
- my $status = $fko_obj->decrypt_spa_data($fuzzing_key);
+ if ($status == FKO->FKO_SUCCESS) {
+ &write_test_file("[-] Accepted fuzzing $field $field_val SPA packet.\n",
+ $current_test_file);
+ $rv = 0;
+ } else {
+ &write_test_file("[+] Rejected fuzzing $field $field_val SPA packet.\n",
+ $current_test_file);
+ }
- if ($status == FKO->FKO_SUCCESS) {
- &write_test_file("[-] Accepted fuzzing $field $field_val SPA packet.\n",
- $current_test_file);
- $rv = 0;
- } else {
- &write_test_file("[+] Rejected fuzzing $field $field_val SPA packet.\n",
- $current_test_file);
+ $fko_obj->destroy();
}
-
- $fko_obj->destroy();
}
}
if ($enable_perl_module_fuzzing_spa_pkt_generation) {
push @tests_to_include, qr/perl FKO module/;
+ if ($fuzzing_class eq 'bogus data') {
+ push @tests_to_exclude, qr/perl FKO module.*FUZZING.*invalid encoded/;
+ } else {
+ push @tests_to_exclude, qr/perl FKO module.*FUZZING.*invalid SPA/;
+ }
} else {
push @tests_to_exclude, qr/perl FKO module.*FUZZING/;
}
projects / fwknop.git / commitdiff