def setupProject(project): # Locate MO full path mo_filename = 'libc.mo' COMMAND = ['/bin/bash', '/nonexistantpath'] orig_filename = locateMO(project, COMMAND, mo_filename) # Create (...)/LC_MESSAGES/ directory LocaleDirectory(project, "locale_dir") # Create mangled MO file mangle = MangleGettext(project, orig_filename) mangle.max_size = None mangle.config.max_op = 2000 # Run program with fuzzy MO file and special LANGUAGE env var process = GettextProcess(project, COMMAND) process.timeout = 10.0 process.env.add(EnvVarValue('LANGUAGE')) process.env.copy('LANG') # Watch process failure with its PID # Ignore bash exit code (127: command not found) WatchProcess(process, exitcode_score=0) # Watch process failure with its text output stdout = WatchStdout(process) stdout.words['failed'] = 0
def setupProject(self): self.project.debugger.enabled = False FuzzedHttpServer(self.project, 8898) process = ProjectProcess( self.project, [ 'python3', '-m', 'wpull', '127.0.0.1:8898', '--timeout', '2.0', '--tries', '1', ], ) process.max_memory = 500000000 process.env.set( 'PYTHONPATH', os.path.join(os.path.abspath(os.path.dirname(__file__)), '..', '..')) WatchProcess(process, exitcode_score=0.45) stdout_watcher = WatchStdout(process) stdout_watcher.ignoreRegex(r'Read timed out', ) stdout_watcher.ignoreRegex(r'Error parsing status line', ) stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int') stdout_watcher.ignoreRegex(r'encountered an error: zlib error: ')
def setupProject(project): # Use non trival program to make sure that libc uses many environment variables # COMMAND = ['/bin/bash', '-c', 'echo "Hello World!"'] COMMAND = ['python', '-c', 'print "Hello World!"'] MAX_COUNT = 5 # Run program with fuzzed environment variables vars = list(LIBC_VARIABLES) if False: # AVOID libc bugs vars.remove('LD_HWCAP_MASK') vars.remove('MALLOC_TOP_PAD_') if False: var = EnvVarInteger(vars, max_count=MAX_COUNT) elif False: var = EnvVarLength(vars, max_count=MAX_COUNT) elif False: var = EnvVarRandom(vars, max_length=200, max_count=MAX_COUNT) var.characters = LETTERS | PUNCTUATION else: var = EnvVarRandom(vars, max_length=2000, max_count=MAX_COUNT) process = ProjectProcess(project, COMMAND) process.env.add(var) # Watch process failure with its PID WatchProcess(process) # Watch process failure with its text output stdout = WatchStdout(process) stdout.words['failed'] = 0
def setupProject(self): self.project.debugger.enabled = False FuzzedHttpServer(self.project, 8898) process = ProjectProcess( self.project, ['python3', '-m', 'wpull', '127.0.0.1:8898', '--timeout', '2.0', '--tries', '1', ], ) process.max_memory = 500000000 process.env.set( 'PYTHONPATH', os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', '..') ) WatchProcess(process, exitcode_score=0.45) stdout_watcher = WatchStdout(process) stdout_watcher.ignoreRegex( r'Read timed out', ) stdout_watcher.ignoreRegex( r'Error parsing status line', ) stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int' ) stdout_watcher.ignoreRegex( r'encountered an error: zlib error: ' )
def processLine(self, line): match = re.search('Call to undefined function ([a-z0-9_]+)', line) if match: name = match.group(1) functions = self.php_source().functions if name in functions: functions.remove(name) self.error("Remove undefined function: %s (new function list length: %s)" % ( name, len(functions))) else: WatchStdout.processLine(self, line)
def setupProject(project): USE_STDOUT = True time = ProcessTimeWatch( project, too_slow=3.0, too_slow_score=0.10, too_fast=0.100, too_fast_score=-0.80, ) orig_filename = project.application().getInputFilename("PDF document") if AUTO_MANGLE: mangle = AutoMangle(project, orig_filename) mangle.hard_max_op = 1000 else: mangle = MangleFile(project, orig_filename) mangle.config.max_op = 1000 options = {'timeout': 5.0} if not USE_STDOUT: options['stdout'] = 'null' process = PopplerProcess(project, ['pdftotext'], **options) WatchProcess(process, exitcode_score=-0.10) if USE_STDOUT: stdout = WatchStdout(process) def cleanupLine(line): match = re.match(r"Error(?: \([0-9]+\))?: (.*)", line) if match: line = match.group(1) return line stdout.cleanup_func = cleanupLine del stdout.words['unknown'] # stdout.show_not_matching = True # stdout.ignoreRegex(r"Unknown operator 'allocate'$") # stdout.ignoreRegex(r" operator is wrong type \(error\)$") # stdout.ignoreRegex(r'^No current point in lineto$') # stdout.ignoreRegex(r'^No current point in lineto') # stdout.ignoreRegex(r'^Unknown operator ') # stdout.ignoreRegex(r"^Couldn't open 'nameToUnicode' file ") # stdout.ignoreRegex(r"^Illegal character ") # stdout.ignoreRegex(r"^No font in show$") # stdout.ignoreRegex(r"^Element of show/space array must be number or string$") # stdout.ignoreRegex(r"^No current point in curveto$") # stdout.ignoreRegex(r"^Badly formatted number$") # stdout.ignoreRegex(r"^Dictionary key must be a name object$") # stdout.ignoreRegex(r"^End of file inside array$") # stdout.ignoreRegex(r"^Too few \([0-9]+\) args to .* operator$") # stdout.ignoreRegex(r"Too many args in content stream") stdout.max_nb_line = (100, 0.20)
def setupProject(project): orig_filename = project.application().getInputFilename("RPM archive") mangle = MangleRPM(project, orig_filename) if True: mangle.config.max_op = 200 else: mangle.config.min_op = 0 mangle.config.max_op = 0 process = RpmProcess(project, ['/usr/bin/rpm', '-qpi', 'file.rpm'], timeout=10.0) WatchProcess(process) stdout = WatchStdout(process) stdout.patterns['memory allocation failed'] = 1.0
def setupProject(project): USE_STDOUT = True time = ProcessTimeWatch(project, too_slow=3.0, too_slow_score=0.10, too_fast=0.100, too_fast_score=-0.80, ) orig_filename = project.application().getInputFilename("PDF document") if AUTO_MANGLE: mangle = AutoMangle(project, orig_filename) mangle.hard_max_op = 1000 else: mangle = MangleFile(project, orig_filename) mangle.config.max_op = 1000 options = {'timeout': 5.0} if not USE_STDOUT: options['stdout'] = 'null' process = PopplerProcess(project, ['pdftotext'], **options) WatchProcess(process, exitcode_score=-0.10) if USE_STDOUT: stdout = WatchStdout(process) def cleanupLine(line): match = re.match(r"Error(?: \([0-9]+\))?: (.*)", line) if match: line = match.group(1) return line stdout.cleanup_func = cleanupLine del stdout.words['unknown'] # stdout.show_not_matching = True # stdout.ignoreRegex(r"Unknown operator 'allocate'$") # stdout.ignoreRegex(r" operator is wrong type \(error\)$") # stdout.ignoreRegex(r'^No current point in lineto$') # stdout.ignoreRegex(r'^No current point in lineto') # stdout.ignoreRegex(r'^Unknown operator ') # stdout.ignoreRegex(r"^Couldn't open 'nameToUnicode' file ") # stdout.ignoreRegex(r"^Illegal character ") # stdout.ignoreRegex(r"^No font in show$") # stdout.ignoreRegex(r"^Element of show/space array must be number or string$") # stdout.ignoreRegex(r"^No current point in curveto$") # stdout.ignoreRegex(r"^Badly formatted number$") # stdout.ignoreRegex(r"^Dictionary key must be a name object$") # stdout.ignoreRegex(r"^End of file inside array$") # stdout.ignoreRegex(r"^Too few \([0-9]+\) args to .* operator$") # stdout.ignoreRegex(r"Too many args in content stream") stdout.max_nb_line = (100, 0.20)
def setupProject(project): VIM = EnvVarLength(['VIM', 'VIMRUNTIME'], max_length=10000) process = ProjectProcess(project, ['vim', '--version']) process.env.add(VIM) WatchProcess(process) WatchStdout(process)
def setupProject(project): process = ProjectProcess(project, ['xterm', 'ls'], timeout=1.0) setupX11Process(process) process.env.add(EnvVarLength('PATH', max_length=1000)) WatchProcess(process, timeout_score=0) WatchStdout(process)
def setupProject(self): parrot_root = self.options.parrot_root runcore = self.options.runcore parrot = locateProgram(parrot_root + "/parrot") process = ParrotProcess(self.project, [parrot, runcore, "<fuzzy.pir>"]) pirgen = PirGenerator(self.project, self.options) WatchProcess(process) WatchStdout(process)
def setupProject(project): # project.session_timeout = 1.0 process = ProjectProcess(project, ['/bin/bash'], timeout=5.0) AttackProc(project) WatchProcess(process, timeout_score=0) WatchStdout(process) syslog = Syslog(project) for watch in syslog: watch.ignoreRegex('info="invalid command"') watch.show_not_matching = True
def setupProject(project): process = MyProcess(project, ['/usr/bin/at'], timeout=5.0) WatchProcess(process, exitcode_score=0.15) stdout = WatchStdout(process) stdout.ignoreRegex(r'Bug reports to') stdout.words['error'] = 0.10 stdout.words['usage'] = 0.10
def setupProject(project): for filename in FILENAMES: if path_exists(filename): continue raise ValueError("File doesn't exist: %s! Fix FILENAMES constant" % filename) module_name = project.application().getInputFilename( 'Module name (use "ALL" to test all modules)') project.error("Use python interpreter: %s" % PYTHON) project.error("Use filenames: %s" % ', '.join(FILENAMES)) source = PythonSource(project, module_name) process = PythonProcess(project, [PYTHON, '-u', '<source.py>'], timeout=10.0, stdin='null') WatchProcess(process, exitcode_score=0) stdout = WatchStdout(process) stdout.max_nb_line = (1000, 1.0) # Disable dummy error messages stdout.words = { 'oops': 0.30, 'bug': 0.30, 'memory': 0.40, 'overflow': 0.40, 'fatal': 1.0, 'assert': 1.0, 'assertion': 1.0, 'critical': 1.0, 'panic': 1.0, 'glibc detected': 1.0, 'segfault': 1.0, 'segmentation fault': 1.0, } # PyPy messages stdout.addRegex("Fatal RPython error", 1.0) if DEBUG: stdout.show_matching = True stdout.show_not_matching = True
def setupProject(project): for filename in FILENAMES: if path_exists(filename): continue raise ValueError("File doesn't exist: %s! Fix FILENAMES constant" % filename) module_name = project.application().getInputFilename('Module name (use "ALL" to test all modules)') project.error("Use python interpreter: %s" % PYTHON) project.error("Use filenames: %s" % ', '.join(FILENAMES)) source = PythonSource(project, module_name) process = PythonProcess(project, [PYTHON, '-u', '<source.py>'], timeout=10.0, stdin='null') WatchProcess(process, exitcode_score=0) stdout = WatchStdout(process) stdout.max_nb_line = (1000, 1.0) # Disable dummy error messages stdout.words = { 'oops': 0.30, 'bug': 0.30, 'memory': 0.40, 'overflow': 0.40, 'fatal': 1.0, 'assert': 1.0, 'assertion': 1.0, 'critical': 1.0, 'panic': 1.0, 'glibc detected': 1.0, 'segfault': 1.0, 'segmentation fault': 1.0, } # PyPy messages stdout.addRegex("Fatal RPython error", 1.0) if DEBUG: stdout.show_matching = True stdout.show_not_matching = True
def setupProject(project): # Some options DEBUG = False USE_STDOUT = DEBUG sql = GenerateSQL(project, "sql") if DEBUG: sql.max_nb_instr = 1 # Watch mysqld process mysqld = AttachProcess(project, 'mysqld') mysqld.max_memory = 300*1024*1024 if USE_STDOUT: stdout = 'file' else: stdout = 'null' # MySQL client used to send fuzzy SQL process = MysqlProcess(project, ['/usr/bin/mysql'], stdout) WatchProcess(process, exitcode_score=0.15, timeout_score=0.15) if USE_STDOUT: stdout = WatchStdout(process) stdout.ignoreRegex('You have an error in your SQL syntax; check the manual') if not DEBUG: stdout.words['error'] = 0.10 else: stdout.words['error'] = 1.0 # Watch logs syslog = Syslog(project) mysql_log = FileWatch(project, open('/var/log/mysql/mysql.log'), 'mysql.log', start="end") # FileWatch(project, open('/var/log/mysql/mysql.err'), 'mysql.err', start="end"), logs = [ syslog.syslog, syslog.messages, mysql_log, ] for log in logs: log.words['mysqld'] = 1.0
def setupProject(project): orig_filename = project.application().getInputFilename("OGG/Vorbis file") mangle = OggMangle(project, orig_filename) if not INCR_MANGLE: mangle.hard_min_op = 1 mangle.hard_max_op = 100 else: from fusil.incr_mangle_op import InverseBit, Increment mangle.operations = (InverseBit, Increment) mangle.max_filesize = FILESIZE process = OggProcess(project, COMMAND, timeout=60.0) process.env.copy('HOME') if COMMAND[0] == 'ogg123': WatchProcess(process, exitcode_score=-0.25) else: WatchProcess(process, exitcode_score=0) stdout = WatchStdout(process) if True: # stdout.max_nb_line = (5000, 1.0) stdout.show_matching = True stdout.show_not_matching = True stdout.addRegex(r"The file may be corrupted", -0.50) stdout.addRegex(r"Corrupted ogg", -0.50) stdout.addRegex(r"Could not decode vorbis header packet", -0.50) # stdout.ignoreRegex('^Warning: Could not decode vorbis header packet') stdout.ignoreRegex('^Warning: sequence number gap') stdout.ignoreRegex('^New logical stream.*: type invalid$')
def setupProject(project): orig_filename = project.application().getInputFilename("JPEG picture") if INCR_MANGLE: mangle = IncrMangle(project, orig_filename) mangle.operation_per_version = 25 mangle.max_version = 50 # mangle.min_offset = 2 # mangle.max_offset = 555 else: AutoMangle(project, orig_filename) process = IdentifyProcess(project, ['exif', "<picture>"]) WatchProcess(process, # exitcode_score=-0.50, exitcode_score=0, ) stdout = WatchStdout(process) stdout.min_nb_line = (3, -0.5) stdout.words['error'] = 0.10 # "Color Space |Internal error (unknown value 4097)." is not a fatal error # stdout.ignoreRegex(r'Internal error \(unknown value') # stdout.addRegex(r'^Corrupt data', -1.0) # stdout.addRegex(r'does not contain EXIF data!$', -1.0) stdout.addRegex(r'The data supplied does not seem to contain EXIF data.$', -1.0) stdout.addRegex(r'does not contain EXIF data!$', -1.0) stdout.addRegex(r'^Unknown encoding\.$', -1.0) if DEBUG: stdout.show_not_matching = True
def setupProject(project): # Command line MAX_FILESIZE = 1 * 1024 * 1024 ARGUMENTS = ['-quiet'] MPLAYER_BIN = 'mplayer' NULL_VIDEO = True if NULL_VIDEO: ARGUMENTS.extend(['-vo', 'null', '-ao', 'null']) if True: SECONDS = 5 TIMEOUT = SECONDS + 1.0 ARGUMENTS.extend(['-endpos', str(SECONDS)]) else: TIMEOUT = 7.0 # Create buggy input file orig_filename = project.application().getInputFilename( "Audio or video file") mangle = AutoMangle(project, orig_filename) mangle.max_size = MAX_FILESIZE process = MplayerProcess(project, [MPLAYER_BIN] + ARGUMENTS + ["<movie_filename>"], timeout=TIMEOUT) if not NULL_VIDEO: setupX11Process(process) else: process.env.copy('HOME') watch = WatchProcess(process, timeout_score=0) if watch.cpu: watch.cpu.weight = 0.20 watch.cpu.max_load = 0.50 watch.cpu.max_duration = min(3, TIMEOUT - 0.5) watch.cpu.max_score = 0.50 stdout = WatchStdout(process) # Ignore input errors stdout.ignoreRegex('^Failed to open LIRC support') stdout.ignoreRegex("^Can't init input joystick$") stdout.ignoreRegex("^Can't open joystick device ") # Ignore codec loading errors stdout.ignoreRegex('^Failed to create DirectShow filter$') stdout.ignoreRegex('^Win32 LoadLibrary failed') stdout.ignoreRegex('^Error loading dll$') stdout.ignoreRegex('^ERROR: Could not open required DirectShow codec ') stdout.ignoreRegex("could not open DirectShow") # Ignore other errors stdout.ignoreRegex("^Terminal type `unknown' is not defined.$") stdout.ignoreRegex('^VDecoder init failed') stdout.ignoreRegex("Read error at pos\. [0-9]+") stdout.ignoreRegex("could not connect to socket") stdout.ignoreRegex('^ADecoder init failed') stdout.ignoreRegex('^error while decoding block:') stdout.ignoreRegex('^Error while decoding frame!$') stdout.ignoreRegex('^\[(mpeg4|msmpeg4|wmv1|h264|NULL) @ ') stdout.patterns['overflow'] = 0.10 # stdout.words['error'] = 0.10 # stdout.words["can't"] = 0 stdout.addRegex('MPlayer interrupted by signal', 1.0) stdout.addRegex('AVI: Missing video stream', -0.50) stdout.max_nb_line = None # Restore terminal state TerminalEcho(project)
def __init__(self, process, php_source): WatchStdout.__init__(self, process) self.php_source = ref(php_source)
def setupProject(self): self.project.debugger.enabled = False self.config.use_cpu_probe = False self.config.process_max_user_process = 50 port = 8848 seed = random.randint(0, 60000) timeout = 60 * 60 server_process = ProjectProcess(self.project, [ 'python3', '-m', 'huhhttp', '--port', str(port), '--seed', str(seed), '--fuzz-period', '500', '--restart-interval', '250', ], timeout=timeout) WatchProcess(server_process) process = ProjectProcess(self.project, [ 'python3', '-X', 'faulthandler', '-m', 'wpull', '127.0.0.1:{0}'.format(port), '--timeout', '5', '--warc-file', 'fusil-test', '-r', '--debug', '--page-requisites', '--delete-after', '--tries', '2', '--retry-connrefused', '--database', 'wpull.db', '--span-hosts-allow', 'page-requisites,linked-pages', '--no-check-certificate', '--concurrent', str(random.randint(1, 10)), ], timeout=timeout) process.env.set( 'PYTHONPATH', os.path.join(os.path.abspath(os.path.dirname(__file__)), '..', '..')) process.env.set('OBJGRAPH_DEBUG', '1') process.env.set('FILE_LEAK_DEBUG', '1') WatchProcessSpecificStatusCode(process) stdout_watcher = WatchStdout(process) stdout_watcher.max_nb_line = None stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int') stdout_watcher.ignoreRegex(r'WARNING Unable to parse URL ') stdout_watcher.ignoreRegex(r'WARNING Failed to read document at ') stdout_watcher.ignoreRegex(r'WARNING Content overrun') stdout_watcher.ignoreRegex(r'ERROR Fetching ') stdout_watcher.ignoreRegex(r'DEBUG ') stdout_watcher.ignoreRegex(r'INFO Fetch(ed|ing) ') stdout_watcher.ignoreRegex(r'lsof: WARNING: ')
def setupProject(self): self.project.debugger.enabled = False self.config.process_max_user_process = 50 FuzzedHttpServer(self.project, 8898) process = ProjectProcess( self.project, ['python3', '-X', 'faulthandler', '-m', 'wpull', '127.0.0.1:8898', '--timeout', '2.0', '--tries', '1', ], ) process.env.set( 'PYTHONPATH', os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', '..') ) WatchProcessSpecificStatusCode(process) stdout_watcher = WatchStdout(process) stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int' ) stdout_watcher.ignoreRegex( r'WARNING Unable to parse URL ' ) stdout_watcher.ignoreRegex( r'WARNING Failed to read document at ' ) stdout_watcher.ignoreRegex( r'WARNING Content overrun' ) stdout_watcher.ignoreRegex( r'ERROR Fetching ' ) stdout_watcher.ignoreRegex( r'DEBUG ' ) stdout_watcher.ignoreRegex( r'INFO Fetch(ed|ing) ' )
def setupProject(project): # Command line MAX_FILESIZE = 1*1024*1024 ARGUMENTS = ['-quiet'] MPLAYER_BIN = 'mplayer' NULL_VIDEO = True if NULL_VIDEO: ARGUMENTS.extend(['-vo', 'null', '-ao', 'null']) if True: SECONDS = 5 TIMEOUT = SECONDS + 1.0 ARGUMENTS.extend(['-endpos', str(SECONDS)]) else: TIMEOUT = 7.0 # Create buggy input file orig_filename = project.application().getInputFilename("Audio or video file") mangle = AutoMangle(project, orig_filename) mangle.max_size = MAX_FILESIZE process = MplayerProcess(project, [MPLAYER_BIN] + ARGUMENTS + ["<movie_filename>"], timeout=TIMEOUT) if not NULL_VIDEO: setupX11Process(process) else: process.env.copy('HOME') watch = WatchProcess(process, timeout_score=0) if watch.cpu: watch.cpu.weight = 0.20 watch.cpu.max_load = 0.50 watch.cpu.max_duration = min(3, TIMEOUT-0.5) watch.cpu.max_score = 0.50 stdout = WatchStdout(process) # Ignore input errors stdout.ignoreRegex('^Failed to open LIRC support') stdout.ignoreRegex("^Can't init input joystick$") stdout.ignoreRegex("^Can't open joystick device ") # Ignore codec loading errors stdout.ignoreRegex('^Failed to create DirectShow filter$') stdout.ignoreRegex('^Win32 LoadLibrary failed') stdout.ignoreRegex('^Error loading dll$') stdout.ignoreRegex('^ERROR: Could not open required DirectShow codec ') stdout.ignoreRegex("could not open DirectShow") # Ignore other errors stdout.ignoreRegex("^Terminal type `unknown' is not defined.$") stdout.ignoreRegex('^VDecoder init failed') stdout.ignoreRegex("Read error at pos\. [0-9]+") stdout.ignoreRegex("could not connect to socket") stdout.ignoreRegex('^ADecoder init failed') stdout.ignoreRegex('^error while decoding block:') stdout.ignoreRegex('^Error while decoding frame!$') stdout.ignoreRegex('^\[(mpeg4|msmpeg4|wmv1|h264|NULL) @ ') stdout.patterns['overflow'] = 0.10 # stdout.words['error'] = 0.10 # stdout.words["can't"] = 0 stdout.addRegex('MPlayer interrupted by signal', 1.0) stdout.addRegex('AVI: Missing video stream', -0.50) stdout.max_nb_line = None # Restore terminal state TerminalEcho(project)
def setupProject(self): self.project.debugger.enabled = False self.config.process_max_user_process = 50 FuzzedHttpServer(self.project, 8898) process = ProjectProcess( self.project, [ 'python3', '-X', 'faulthandler', '-m', 'wpull', '127.0.0.1:8898', '--timeout', '2.0', '--tries', '1', ], ) process.env.set( 'PYTHONPATH', os.path.join(os.path.abspath(os.path.dirname(__file__)), '..', '..')) WatchProcessSpecificStatusCode(process) stdout_watcher = WatchStdout(process) stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int') stdout_watcher.ignoreRegex(r'WARNING Unable to parse URL ') stdout_watcher.ignoreRegex(r'WARNING Failed to read document at ') stdout_watcher.ignoreRegex(r'WARNING Content overrun') stdout_watcher.ignoreRegex(r'ERROR Fetching ') stdout_watcher.ignoreRegex(r'DEBUG ') stdout_watcher.ignoreRegex(r'INFO Fetch(ed|ing) ')
def setupProject(project): global CMDLINE_ARG_POS orig_filename = project.application().getInputFilename("Image") mangle = ImageMangle(project, orig_filename) if INCR_MANGLE: mangle.operation_per_version = 1 mangle.max_version = 50 else: mangle.fixed_size_factor = 0.5 options = {'timeout': 2.0} if USE_CONVERT: cmdline = ['convert', '<source>', '/tmp/output.bmp'] CMDLINE_ARG_POS = 1 else: cmdline = ['identify', '-verbose', '<source>'] CMDLINE_ARG_POS = -1 if not USE_STDOUT: options['stdout'] = 'null' process = IdentifyProcess(project, cmdline, **options) options = {'exitcode_score': -0.25} if orig_filename.endswith(".jpg"): # Don't care about libjpeg stdout flooding options['timeout_score'] = -0.25 WatchProcess(process, **options) if USE_STDOUT: stdout = WatchStdout(process) stdout.max_nb_line = (3000, 0.20) stdout.patterns['memory allocation failed'] = 1.0 stdout.patterns['no decode delegate for this image format'] = -1.0 stdout.addRegex('Corrupt', 0.05) stdout.addRegex('Unsupported', 0.05) stdout.addRegex('Not a JPEG file', -0.50) stdout.addRegex('JPEG datastream contains no image', -0.50) stdout.show_not_matching = False
def setupProject(self): self.project.debugger.enabled = False self.config.use_cpu_probe = False self.config.process_max_user_process = 50 port = 8848 seed = random.randint(0, 60000) timeout = 60 * 60 server_process = ProjectProcess( self.project, [ 'python3', '-m', 'huhhttp', '--port', str(port), '--seed', str(seed), '--fuzz-period', '500', '--restart-interval', '250', ], timeout=timeout ) WatchProcess(server_process) process = ProjectProcess( self.project, [ 'python3', '-X', 'faulthandler', '-m', 'wpull', '127.0.0.1:{0}'.format(port), '--timeout', '5', '--warc-file', 'fusil-test', '-r', '--debug', '--page-requisites', '--delete-after', '--tries', '2', '--retry-connrefused', '--database', 'wpull.db', '--span-hosts-allow', 'page-requisites,linked-pages', '--no-check-certificate', '--concurrent', str(random.randint(1, 10)), ], timeout=timeout ) process.env.set( 'PYTHONPATH', os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', '..') ) process.env.set('OBJGRAPH_DEBUG', '1') process.env.set('FILE_LEAK_DEBUG', '1') WatchProcessSpecificStatusCode(process) stdout_watcher = WatchStdout(process) stdout_watcher.max_nb_line = None stdout_watcher.ignoreRegex( r'WARNING Invalid content length: invalid literal for int' ) stdout_watcher.ignoreRegex( r'WARNING Unable to parse URL ' ) stdout_watcher.ignoreRegex( r'WARNING Failed to read document at ' ) stdout_watcher.ignoreRegex( r'WARNING Content overrun' ) stdout_watcher.ignoreRegex( r'ERROR Fetching ' ) stdout_watcher.ignoreRegex( r'DEBUG ' ) stdout_watcher.ignoreRegex( r'INFO Fetch(ed|ing) ' ) stdout_watcher.ignoreRegex( r'lsof: WARNING: ' )
def setupProject(project): TIMEOUT = 4 GST_LAUNCH_BIN = 'gst-launch-0.10' USE_DECODEBIN = True NO_AUDIO = True NO_VIDEO = True # Profile parameters AUDIO_SINK = "alsasink" VIDEO_SINK = "xvimagesink" if NO_AUDIO: AUDIO_SINK = "fakesink" if NO_VIDEO: VIDEO_SINK = "fakesink" # Create buggy input file orig_filename = project.application().getInputFilename("Audio or video file") if INCR_MANGLE: mangle = IncrMangle(project, orig_filename) mangle.max_size = 50*1024 # OGG #mangle.operation_per_version = 10 #mangle.max_version = 100 # WAVE #mangle.operation_per_version = 100 #mangle.max_version = 30 # AVI mangle.operation_per_version = 500 mangle.max_version = 50 else: mangle = AutoMangle(project, orig_filename) mangle.hard_max_op = 500 mangle.max_size = 10*1024*1024 if USE_DECODEBIN: # -f option: Do not install a fault handler arguments = [GST_LAUNCH_BIN, '-f', "filesrc", "location=<filename>", "!", "decodebin", "name=decoder", "decoder.", "!", "queue", "!", "audioconvert", "!", "audioresample", "!", AUDIO_SINK] if isVideo(orig_filename): arguments.extend(["decoder.", "!", "ffmpegcolorspace", "!", VIDEO_SINK]) class GstreamerProcess(CreateProcess): def on_mangle_filenames(self, movie_filenames): self.cmdline.arguments[3] = 'location=' + movie_filenames[0] self.createProcess() else: arguments = [GST_LAUNCH_BIN, '-f', 'playbin', 'uri=file://<playbin_uri>'] class GstreamerProcess(CreateProcess): def on_mangle_filenames(self, movie_filenames): self.cmdline.arguments[3] = 'uri=file://%s' % movie_filenames[0] self.createProcess() process = GstreamerProcess(project, arguments, timeout=TIMEOUT) WatchProcess(process, exitcode_score=0.20, timeout_score=0.20) #, timeout_score=0) setupX11Process(process) stdout = WatchStdout(process) stdout.words['error'] = 0.10 stdout.words['critical'] = 0.30 del stdout.words['assertion'] stdout.addRegex(r'Could not decode stream\.$', -1.0) stdout.addRegex(r'Could not (?:decode stream|determine type of stream|demultiplex stream)\.$', -1.0) stdout.addRegex(r'The stream is of a different type than handled by this element\.$', -1.0) stdout.addRegex(r'You might need to install the necessary plugins', 1.0) stdout.score_weight = 0.40