/**
* fuzzMaybe
*
* Sets up the Radamsa fuzzer based upon environment variables.
* Implements `fuzzMaybe`, which listens to these variables and uses
* them to fuzz points in writeToStream.
*/
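// Build the fuzzing configuration once, at module load: built-in defaults
// first, then overrides taken from MQTT_FUZZ_* environment variables.
const config = (function() {
  const PREFIX = 'MQTT_FUZZ_';

  const options = {
    MQTT_FUZZ_ENABLE: false, // master switch; every other option is inert while this is false
    MQTT_FUZZ_FLAGS: true,
    MQTT_FUZZ_HEADERS: true,
    MQTT_FUZZ_LENGTHS: true,
    MQTT_FUZZ_NUMBERS: true,
    MQTT_FUZZ_PROTOCOL_VERSION: true,
    MQTT_FUZZ_SEED: 'timestamp', // 'timestamp' or an integer seed
    MQTT_FUZZ_SHOW_IO: false,
    MQTT_FUZZ_SKIP_CONTAINING: '',
    MQTT_FUZZ_SKIP_FIRST_INPUTS: 0,
    MQTT_FUZZ_STRINGS: true
  };

  // Parse a base-10 integer. An unparsable value must not reach the fuzzer as
  // NaN (a run with an undefined seed cannot be replayed), so the current
  // value is kept and the operator is told.
  const toInteger = (key, raw, fallback) => {
    const parsed = Number.parseInt(raw, 10);
    if (Number.isNaN(parsed)) {
      console.warn(`${key} is not an integer; keeping ${JSON.stringify(fallback)}`);
      return fallback;
    }
    return parsed;
  };

  // override defaults with environment variables
  for (const [key, raw] of Object.entries(process.env)) {
    if (!key.startsWith(PREFIX)) {
      continue;
    }
    if (key === 'MQTT_FUZZ_SEED') {
      // The literal 'timestamp' keeps the default, time-based seed.
      if (raw !== 'timestamp') {
        options[key] = toInteger(key, raw, options[key]);
      }
    } else if (key === 'MQTT_FUZZ_SKIP_FIRST_INPUTS') {
      options[key] = toInteger(key, raw, options[key]);
    } else if (key === 'MQTT_FUZZ_SKIP_CONTAINING') {
      options[key] = raw;
    } else {
      // Every other MQTT_FUZZ_* variable is a boolean toggle; only '1' and
      // 'true' switch it on. Unknown MQTT_FUZZ_* names are stored as well.
      options[key] = (raw === '1' || raw === 'true');
    }
  }
  return options;
})();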
// Radamsa is driven through the sinkdweller wrapper; this single instance is
// used by fuzzMaybe and is also exported.
const Sinkdweller = require('sinkdweller');
const radamsa = new Sinkdweller();

// Choose the seed source from MQTT_FUZZ_SEED.
// NOTE(review): in 'timestamp' mode the seed value is not recorded anywhere in
// this file, so a failing input can only be replayed if MQTT_FUZZ_SHOW_IO
// captured it. Set an explicit integer MQTT_FUZZ_SEED for reproducible runs.
if (config.MQTT_FUZZ_SEED !== 'timestamp') {
  radamsa.setSeed(Number.parseInt(config.MQTT_FUZZ_SEED, 10));
} else {
  // hand radamsa a generator that yields the current time in milliseconds
  radamsa.setSeed(() => Date.now());
}

// Number of inputs seen while fuzzing is enabled; compared against
// MQTT_FUZZ_SKIP_FIRST_INPUTS in fuzzMaybe.
let packetsFuzzed = 0;
/**
 * Passes `input` through Radamsa when fuzzing is enabled and the input is
 * selected by the MQTT_FUZZ_* options; otherwise returns it untouched.
 *
 * Selection order (first match decides):
 *   1. while the running input count is within MQTT_FUZZ_SKIP_FIRST_INPUTS,
 *      the input is returned as-is;
 *   2. if MQTT_FUZZ_SKIP_CONTAINING is non-empty, the input is fuzzed exactly
 *      when it does not contain that value;
 *   3. otherwise the per-category toggles are matched against `inputKey`.
 *
 * NOTE(review): step 2 bypasses step 3, so with MQTT_FUZZ_SKIP_CONTAINING set
 * the category toggles (NUMBERS, STRINGS, HEADERS, FLAGS, PROTOCOL_VERSION)
 * have no effect. Confirm this precedence is intended.
 *
 * @param {string|Buffer} input The input string/buffer to fuzz with Radamsa.
 * @param {string} inputKey The keyed name of the input, in order to flag it on/off.
 * @returns {string|Buffer} The original input, or whatever radamsa.fuzzSync
 *   produced for it.
 */
function fuzzMaybe(input, inputKey) {
  if (config.MQTT_FUZZ_ENABLE !== true) {
    return input;
  }

  // Every call counts, whether or not the input ends up being mutated.
  packetsFuzzed += 1;

  const skipFirst = config.MQTT_FUZZ_SKIP_FIRST_INPUTS;
  if (skipFirst > 0 && packetsFuzzed <= skipFirst) {
    // still inside the warm-up window: hand back the raw input
    return input;
  }

  let selected;
  if (config.MQTT_FUZZ_SKIP_CONTAINING !== '') {
    // String and Buffer both provide an indexOf that works for this check.
    selected = input.indexOf(config.MQTT_FUZZ_SKIP_CONTAINING) < 0;
  } else {
    selected =
      (inputKey === 'generic_number_cached' && config.MQTT_FUZZ_NUMBERS === true) ||
      (inputKey === 'generic_string' && config.MQTT_FUZZ_STRINGS === true) ||
      (inputKey.endsWith("header") && config.MQTT_FUZZ_HEADERS === true) ||
      (inputKey.endsWith("flags") && config.MQTT_FUZZ_FLAGS === true) ||
      (inputKey === 'connect_protocol_version' && config.MQTT_FUZZ_PROTOCOL_VERSION === true);
  }

  if (!selected) {
    return input;
  }

  // MQTT_FUZZ_SHOW_IO dumps the raw input and the mutated output.
  // NOTE(review): these are protocol fields on their way to the stream, so the
  // debug log may contain payload or credential bytes; treat it as sensitive.
  const showIo = config.MQTT_FUZZ_SHOW_IO === true;
  if (showIo) {
    console.debug("in: <\n", input);
    console.debug("--------------");
  }
  const mutated = radamsa.fuzzSync(input);
  if (showIo) {
    console.debug("out: >\n", mutated);
    console.debug("==============");
  }
  return mutated;
}
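// Public surface: the gated fuzz point, a direct fuzz call, and the
// underlying Radamsa wrapper instance.
exports = module.exports = {
  fuzzMaybe,
  // Bound to the instance so the method keeps its receiver when a caller
  // destructures it or passes it as a callback. Presumably fuzzSync reads
  // instance state such as the seed through `this`; verify against sinkdweller.
  fuzz: radamsa.fuzzSync.bind(radamsa),
  radamsa,
};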