Changeset 3635


Ignore:
Timestamp:
Aug 6, 2009, 11:17:00 PM (11 years ago)
Author:
Sam Hocevar
Message:

Allow remote network host filtering, courtesy of Corentin Delorme.

Location:
zzuf/trunk
Files:
1 added
10 edited
1 copied

Legend:

Unmodified
Added
Removed
  • zzuf/trunk/AUTHORS

    r1796 r3635  
    22
    33main zzuf author:
    4  Sam Hocevar <sam@zoy.org>
     4 Sam Hocevar <sam@hocevar.net>
    55
    66other contributors:
     
    99 Dominik Kuhlen <dominik.kuhlen#gmit-gmbh:de> (recvfrom)
    1010 Sami Liedes <sliedes#cc:hut:fi> (LD_PRELOAD conservation)
     11 Corentin Delorme <codelorme@gmail.com> (remote host filtering)
     12
  • zzuf/trunk/src/Makefile.am

    r2534 r3635  
    1414
    1515pkglib_LTLIBRARIES = libzzuf.la
    16 libzzuf_la_SOURCES = libzzuf.c libzzuf.h $(COMMON) debug.c debug.h sys.c sys.h \
     16libzzuf_la_SOURCES = libzzuf.c libzzuf.h $(COMMON) debug.c debug.h \
     17                     sys.c sys.h network.c network.h \
    1718                     lib-fd.c lib-mem.c lib-signal.c lib-stream.c lib-load.h
    1819libzzuf_la_CFLAGS = -DLIBZZUF
  • zzuf/trunk/src/fd.c

    r2584 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006-2007 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    3636#include "fd.h"
    3737#include "fuzz.h"
     38#include "network.h"
    3839#include "ranges.h"
    3940
     
    4344static int has_include = 0, has_exclude = 0;
    4445#endif
    45 
    46 /* Network port cherry picking */
    47 static int *ports = NULL;
    48 static int static_ports[512];
    4946
    5047/* File descriptor cherry picking */
     
    10097}
    10198
    102 void _zz_ports(char const *portlist)
    103 {
    104     ports = _zz_allocrange(portlist, static_ports);
    105 }
    106 
    10799void _zz_list(char const *fdlist)
    108100{
     
    200192    if(list != static_list)
    201193        free(list);
    202     if(ports != static_ports)
    203         free(ports);
    204194}
    205195
     
    225215
    226216    return 1;
    227 }
    228 
    229 int _zz_portwatched(int port)
    230 {
    231     if(!ports)
    232         return 1;
    233 
    234     return _zz_isinrange(port, ports);
    235217}
    236218
  • zzuf/trunk/src/fd.h

    r2584 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    2727
    2828extern int _zz_mustwatch(char const *);
    29 extern int _zz_portwatched(int);
    3029extern int _zz_iswatched(int);
    3130extern void _zz_register(int);
  • zzuf/trunk/src/fuzz.h

    r1858 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    2020extern void _zz_bytes(char const *);
    2121extern void _zz_list(char const *);
    22 extern void _zz_ports(char const *);
    2322extern void _zz_protect(char const *);
    2423extern void _zz_refuse(char const *);
  • zzuf/trunk/src/lib-fd.c

    r3634 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006, 2007 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
    44 *                2007 Rémi Denis-Courmont <rdenis#simphalempin:com>
    55 *                2007 Clément Stenac <zorglub#diwi:org>
    66 *                2007 Dominik Kuhlen <dominik.kuhlen#gmit-gmbh:de>
     7 *                2009 Corentin Delorme <codelorme@gmail.com>
    78 *                All Rights Reserved
    89 *
     
    352353    LOADSYM(recv);
    353354    ret = ORIG(recv)(s, buf, len, flags);
    354     if(!_zz_ready || !_zz_iswatched(s) || _zz_islocked(s) || !_zz_isactive(s))
     355    if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s)
     356         || _zz_islocked(s) || !_zz_isactive(s))
    355357        return ret;
    356358
     
    385387    LOADSYM(recvfrom);
    386388    ret = ORIG(recvfrom)(s, buf, len, flags, from, fromlen);
    387     if(!_zz_ready || !_zz_iswatched(s) || _zz_islocked(s) || !_zz_isactive(s))
     389    if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s)
     390         || _zz_islocked(s) || !_zz_isactive(s))
    388391        return ret;
    389392
     
    425428    LOADSYM(recvmsg);
    426429    ret = ORIG(recvmsg)(s, hdr, flags);
    427     if(!_zz_ready || !_zz_iswatched(s) || _zz_islocked(s) || !_zz_isactive(s))
     430    if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s)
     431         || _zz_islocked(s) || !_zz_isactive(s))
    428432        return ret;
    429433
     
    445449    LOADSYM(read);
    446450    ret = ORIG(read)(fd, buf, count);
    447     if(!_zz_ready || !_zz_iswatched(fd) || _zz_islocked(fd)
    448          || !_zz_isactive(fd))
     451    if(!_zz_ready || !_zz_iswatched(fd) || !_zz_hostwatched(fd)
     452         || _zz_islocked(fd) || !_zz_isactive(fd))
    449453        return ret;
    450454
  • zzuf/trunk/src/libzzuf.c

    r2527 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    4545#include "debug.h"
    4646#include "fd.h"
     47#include "network.h"
    4748#include "sys.h"
    4849#include "fuzz.h"
     
    141142        _zz_ports(tmp);
    142143
     144    tmp = getenv("ZZUF_ALLOW");
     145    if(tmp && *tmp)
     146        _zz_allow(tmp);
     147
     148    tmp = getenv("ZZUF_DENY");
     149    if(tmp && *tmp)
     150        _zz_deny(tmp);
     151
    143152    tmp = getenv("ZZUF_PROTECT");
    144153    if(tmp && *tmp)
     
    170179
    171180    _zz_fd_init();
     181    _zz_network_init();
    172182    _zz_sys_init();
    173183
     
    189199{
    190200    _zz_fd_fini();
     201    _zz_network_fini();
    191202}
    192203
  • zzuf/trunk/src/network.h

    r3634 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2006 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2006-2009 Sam Hocevar <sam@hocevar.net>
     4 *                2009 Corentin Delorme <codelorme@gmail.com>
    45 *                All Rights Reserved
    56 *
     
    1415
    1516/*
    16  *  fuzz.h: fuzz functions
     17 *  network.h: network connection helper functions
    1718 */
    1819
    19 extern void _zz_fuzzing(char const *);
    20 extern void _zz_bytes(char const *);
    21 extern void _zz_list(char const *);
    2220extern void _zz_ports(char const *);
    23 extern void _zz_protect(char const *);
    24 extern void _zz_refuse(char const *);
     21extern void _zz_allow(char const *);
     22extern void _zz_deny(char const *);
     23extern void _zz_network_init(void);
     24extern void _zz_network_fini(void);
    2525
    26 extern void _zz_fuzz(int, volatile uint8_t *, int64_t);
     26extern int _zz_portwatched(int);
     27extern int _zz_hostwatched(int);
    2728
  • zzuf/trunk/src/opts.c

    r2521 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2002, 2007 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2002, 2007-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    3535{
    3636    opts->fuzzing = opts->bytes = opts->list = opts->ports = NULL;
     37    opts->allow = opts->deny = NULL;
    3738    opts->protect = opts->refuse = NULL;
    3839    opts->seed = DEFAULT_SEED;
  • zzuf/trunk/src/opts.h

    r1858 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2002, 2007 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2002, 2007-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    2121    char **oldargv;
    2222    char **newargv;
    23     char *fuzzing, *bytes, *list, *ports, *protect, *refuse;
     23    char *fuzzing, *bytes, *list, *ports, *protect, *refuse, *allow, *deny;
    2424    uint32_t seed;
    2525    uint32_t endseed;
  • zzuf/trunk/src/zzuf.c

    r3631 r3635  
    11/*
    22 *  zzuf - general purpose fuzzer
    3  *  Copyright (c) 2002, 2007 Sam Hocevar <sam@zoy.org>
     3 *  Copyright (c) 2002, 2007-2009 Sam Hocevar <sam@hocevar.net>
    44 *                All Rights Reserved
    55 *
     
    176176#endif
    177177#define OPTSTR "+" OPTSTR_REGEX OPTSTR_RLIMIT_MEM OPTSTR_RLIMIT_CPU \
    178                 "Ab:B:C:dD:f:F:ij:l:mnp:P:qr:R:s:St:vxhV"
     178                "a:Ab:B:C:dD:e:f:F:ij:l:mnp:P:qr:R:s:St:vxhV"
    179179#define MOREINFO "Try `%s --help' for more information.\n"
    180180        int option_index = 0;
     
    182182        {
    183183            /* Long option, needs arg, flag, short option */
     184            { "allow",      1, NULL, 'a' },
    184185            { "autoinc",     0, NULL, 'A' },
    185186            { "bytes",       1, NULL, 'b' },
     
    191192            { "debug",       0, NULL, 'd' },
    192193            { "delay",       1, NULL, 'D' },
     194            { "deny",        1, NULL, 'e' },
    193195#if defined HAVE_REGEX_H
    194196            { "exclude",     1, NULL, 'E' },
     
    226228        switch(c)
    227229        {
     230        case 'a': /* --allow */
     231            opts->allow = myoptarg;
     232            break;
    228233        case 'A': /* --autoinc */
    229234            setenv("ZZUF_AUTOINC", "1", 1);
     
    256261                myoptarg++;
    257262            opts->delay = (int64_t)(atof(myoptarg) * 1000000.0);
     263            break;
     264        case 'e': /* --deny */
     265            opts->deny = myoptarg;
    258266            break;
    259267#if defined HAVE_REGEX_H
     
    387395    }
    388396
     397    if (opts->allow && !network)
     398    {
     399        fprintf(stderr, "%s: allow option (-a) requires network fuzzing (-n)\n",
     400                argv[0]);
     401        printf(MOREINFO, argv[0]);
     402        _zz_opts_fini(opts);
     403        return EXIT_FAILURE;
     404    }
     405
     406    if (opts->deny && !network)
     407    {
     408        fprintf(stderr, "%s: deny option (-e) requires network fuzzing (-n)\n",
     409                argv[0]);
     410        printf(MOREINFO, argv[0]);
     411        _zz_opts_fini(opts);
     412        return EXIT_FAILURE;
     413    }
     414
    389415    _zz_setratio(opts->minratio, opts->maxratio);
    390416    _zz_setseed(opts->seed);
     
    445471    if(opts->ports)
    446472        setenv("ZZUF_PORTS", opts->ports, 1);
     473    if(opts->allow)
     474        setenv("ZZUF_ALLOW", opts->allow, 1);
     475    if(opts->deny)
     476        setenv("ZZUF_DENY", opts->deny, 1);
    447477    if(opts->protect)
    448478        setenv("ZZUF_PROTECT", opts->protect, 1);
     
    500530    if(opts->list)
    501531        _zz_list(opts->list);
    502     if(opts->ports)
    503         _zz_ports(opts->ports);
    504532    if(opts->protect)
    505533        _zz_protect(opts->protect);
     
    11831211{
    11841212    printf("zzuf %s\n", PACKAGE_VERSION);
    1185     printf("Copyright (C) 2002, 2007-2008 Sam Hocevar <sam@zoy.org>\n");
     1213    printf("Copyright (C) 2002, 2007-2009 Sam Hocevar <sam@hocevar.net>\n");
    11861214    printf("This program is free software. It comes without any warranty, to the extent\n");
    11871215    printf("permitted by applicable law. You can redistribute it and/or modify it under\n");
     
    11891217    printf("published by Sam Hocevar. See <http://sam.zoy.org/wtfpl/> for more details.\n");
    11901218    printf("\n");
    1191     printf("Written by Sam Hocevar. Report bugs to <sam@zoy.org>.\n");
     1219    printf("Written by Sam Hocevar. Report bugs to <sam@hocevar.net>.\n");
    11921220}
    11931221
     
    12191247    printf("\n");
    12201248    printf("Mandatory arguments to long options are mandatory for short options too.\n");
     1249    printf("  -a, --allow <list>        only fuzz network input for IPs in <list>\n");
    12211250    printf("  -A, --autoinc             increment seed each time a new file is opened\n");
    12221251    printf("  -b, --bytes <ranges>      only fuzz bytes at offsets within <ranges>\n");
     
    12281257    printf("  -d, --debug               print debug messages\n");
    12291258    printf("  -D, --delay               delay between forks\n");
     1259    printf("  -e, --deny <list>         do not fuzz network input for IPs in <list>\n");
    12301260#if defined HAVE_REGEX_H
    12311261    printf("  -E, --exclude <regex>     do not fuzz files matching <regex>\n");
     
    12591289    printf("  -V, --version             output version information and exit\n");
    12601290    printf("\n");
    1261     printf("Written by Sam Hocevar. Report bugs to <sam@zoy.org>.\n");
    1262 }
    1263 
     1291    printf("Written by Sam Hocevar. Report bugs to <sam@hocevar.net>.\n");
     1292}
     1293
Note: See TracChangeset for help on using the changeset viewer.