Commit 80d5cf8bbe6155ca4d3c36183a1dce0691a60b7e

Authored by Wiebe Cazemier
1 parent ddf2b612

Crude websocket fuzz mode

Probably I also need a flag to fake already being upgraded, because
otherwise we never get past the complicated websocket handshake.
fuzztestsplainwebsocket/plainwebsocketpacket1.dat 0 → 100644
  1 +GET /mqtt HTTP/1.1
  2 +Host: localhost:8080
  3 +Upgrade: websocket
  4 +Connection: Upgrade
  5 +Origin: https://localhost:8080
  6 +Sec-WebSocket-Key: t0gTTkLcTIeCWbst7pmP3A==
  7 +Sec-Websocket-Version: 13
  8 +Sec-Websocket-Protocol: mqtt
  9 +
fuzztestsplainwebsocket/plainwebsocketpacket2.dat 0 → 100644
No preview for this file type
fuzztestsplainwebsocket/plainwebsocketpacket3.dat 0 → 100644
No preview for this file type
fuzztestsplainwebsocket/plainwebsocketpacket4.dat 0 → 100644
No preview for this file type
fuzztestsplainwebsocket/plainwebsocketpacket5.dat 0 → 100644
  1 +¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡ÀT°«ÄP´¯È\²©ÂV¶­ÆRº¡
0 \ No newline at end of file 2 \ No newline at end of file
fuzztestsplainwebsocket/websocket5packets.dat 0 → 100644
No preview for this file type
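--- a/mainapp.cpp
+++ b/mainapp.cpp
@@ -187,6 +187,9 @@ void MainApp::doHelp(const char *arg)
 puts(" -t, --test-config Test configuration file.");
 #ifndef NDEBUG
 puts(" -z, --fuzz-file <inputdata.dat> For fuzzing, provides the bytes that would be sent by a client.");
+ puts(" -W, --fuzz-websockets Mark the client as websockets for fuzzing. The handshaking process makes");
+ puts(" it a less useful though, because the fuzzer is not able to handle");
+ puts(" replies from the server, which would change the internal state.");
 #endif
 puts(" -V, --version Show version");
 puts(" -l, --license Show license");
@@ -264,6 +267,11 @@ void MainApp::setFuzzFile(const std::string &amp;fuzzFilePath)
 this->fuzzFilePath = fuzzFilePath;
 }
 
+void MainApp::setFuzzWebsockets(bool val)
+{
+ this->fuzzWebsockets = val;
+}
+
 void MainApp::initMainApp(int argc, char *argv[])
 {
 if (instance != nullptr)
@@ -275,6 +283,7 @@ void MainApp::initMainApp(int argc, char *argv[])
 {"config-file", required_argument, nullptr, 'c'},
 {"test-config", no_argument, nullptr, 't'},
 {"fuzz-file", required_argument, nullptr, 'z'},
+ {"fuzz-websockets", no_argument, nullptr, 'W'},
 {"version", no_argument, nullptr, 'V'},
 {"license", no_argument, nullptr, 'l'},
 {nullptr, 0, nullptr, 0}
@@ -282,11 +291,12 @@ void MainApp::initMainApp(int argc, char *argv[])
 
 std::string configFile;
 std::string fuzzFile;
+ bool fuzzWebsockets = false;
 
 int option_index = 0;
 int opt;
 bool testConfig = false;
- while((opt = getopt_long(argc, argv, "hc:Vltz:", long_options, &option_index)) != -1)
+ while((opt = getopt_long(argc, argv, "hc:Vltz:W", long_options, &option_index)) != -1)
 {
 switch(opt)
 {
@@ -302,6 +312,9 @@ void MainApp::initMainApp(int argc, char *argv[])
 case 'z':
 fuzzFile = optarg;
 break;
+ case 'W':
+ fuzzWebsockets = true;
+ break;
 case 'h':
 MainApp::doHelp(argv[0]);
 exit(16);
@@ -339,6 +352,7 @@ void MainApp::initMainApp(int argc, char *argv[])
 
 instance = new MainApp(configFile);
 instance->setFuzzFile(fuzzFile);
+ instance->setFuzzWebsockets(fuzzWebsockets);
 }
 
 
@@ -392,7 +406,7 @@ void MainApp::start()
 {
 std::vector<MqttPacket> packetQueueIn;
 
- Client_p client(new Client(fd, threads[0], nullptr, false, settings, true));
+ Client_p client(new Client(fd, threads[0], nullptr, fuzzWebsockets, settings, true));
 client->readFdIntoBuffer();
 client->bufferToMqttPackets(packetQueueIn, client);
 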
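Review bot: The new `case 'W'`, the `"hc:Vltz:W"` optstring and the `fuzz-websockets` entry in `long_options` accept the flag in every build, while doHelp documents it only under `#ifndef NDEBUG`, and as far as these hunks show the value is read only when the fuzz client is constructed in start(). A `-W` given without `-z` is therefore silently ignored, and a release binary still parses a test-only switch. Consider rejecting that combination after the option loop with a check such as `if (fuzzWebsockets && fuzzFile.empty())` followed by an error message and a non-zero exit, and putting the `'W'` case and its `long_options` entry under the same `#ifndef NDEBUG` guard the help text uses. The bodies of initMainApp and start() continue outside the hunks, so whether the fuzz branch in start() is itself compiled out of release builds cannot be confirmed from here.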
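--- a/mainapp.h
+++ b/mainapp.h
@@ -40,6 +40,7 @@ class MainApp
 std::list<std::shared_ptr<Listener>> listeners;
 std::mutex quitMutex;
 std::string fuzzFilePath;
+ bool fuzzWebsockets = false;
 
 Logger *logger = Logger::getInstance();
 
@@ -51,6 +52,7 @@ class MainApp
 void wakeUpThread();
 void queueKeepAliveCheckAtAllThreads();
 void setFuzzFile(const std::string &fuzzFilePath);
+ void setFuzzWebsockets(bool val);
 
 MainApp(const std::string &configFilePath);
 public: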
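Review bot: The new member `fuzzWebsockets` and its setter `setFuzzWebsockets` carry no comment marking them as test-only, although the only consumer visible in this commit is the fuzz client construction in MainApp::start(). A one-line comment on the member, e.g. `// Fuzzing only (-W): construct the fuzz client as a websocket client.`, would keep it from being read as a runtime websocket setting. The class body continues outside both hunks.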