author | Your Name <you@example.com> | 2018-02-15 00:39:53 +0100 |
---|---|---|
committer | Jakub Zawadzki <darkjames-ws@darkjames.pl> | 2018-02-15 06:03:34 +0000 |
commit | a660215deab1ce881e9066e0d89ba93445fff7bf (patch) | |
tree | 6c4afa9e6ff79bcec1fe189899101920676c1aa2 /tools | |
parent | 010c73daa65847035cab3f64367300b6cba2d038 (diff) |
fuzzshark: disable reassembly for few protocols
Reassembly (or, in general, being stateful) doesn't help when fuzzing:
even if wireshark crashes, oss-fuzz will try to reproduce the crash
with just a single sample.
A single sample will not reproduce the crash, so being stateful makes
wireshark a 'buggy target'.
I hope this change will also make the IP corpus a little bit smaller.
Change-Id: I01ba8177a653d220c4cfe8a56a5836c96010c6fe
Reviewed-on: https://code.wireshark.org/review/25799
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/oss-fuzzshark/fuzzshark.c | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/tools/oss-fuzzshark/fuzzshark.c b/tools/oss-fuzzshark/fuzzshark.c
index d3424da285..3255490e91 100644
--- a/tools/oss-fuzzshark/fuzzshark.c
+++ b/tools/oss-fuzzshark/fuzzshark.c
@@ -99,6 +99,22 @@ failure_message_cont(const char *msg_format, va_list ap)
 fprintf(stderr, "\n");
 }
 
+static int
+fuzzshark_pref_set(const char *name, const char *value)
+{
+ char pref[4096];
+ char *errmsg = NULL;
+
+ prefs_set_pref_e ret;
+
+ g_snprintf(pref, sizeof(pref), "%s:%s", name, value);
+
+ ret = prefs_set_pref(pref, &errmsg);
+ g_free(errmsg);
+
+ return (ret == PREFS_SET_OK);
+}
+
 static const nstime_t *
 fuzzshark_get_frame_ts(struct packet_provider_data *prov _U_, guint32 frame_num _U_)
 {
@@ -147,6 +163,19 @@ get_dissector_handle(const char *table, const char *target)
 return fuzz_handle;
 }
 
+static void
+fuzz_prefs_apply(void)
+{
+ /* Turn off fragmentation for some protocols */
+ fuzzshark_pref_set("ip.defragment", "FALSE");
+ fuzzshark_pref_set("ipv6.defragment", "FALSE");
+ fuzzshark_pref_set("wlan.defragment", "FALSE");
+ fuzzshark_pref_set("tcp.desegment_tcp_streams", "FALSE");
+
+ /* Notify all registered modules that have had any of their preferences changed. */
+ prefs_apply_all();
+}
+
 static int
 fuzz_init(int argc _U_, char **argv)
 {
@@ -267,10 +296,7 @@ fuzz_init(int argc _U_, char **argv)
 }
 }
 
- /* Notify all registered modules that have had any of their preferences
- changed either from one of the preferences file or from the command
- line that their preferences have changed. */
- prefs_apply_all();
+ fuzz_prefs_apply();
 
 /* Build the column format array */
 build_column_format_array(&fuzz_cinfo, prefs_p->num_cols, TRUE); |
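Review bot: In `fuzzshark_pref_set()` the error string returned by `prefs_set_pref()` is freed without ever being read, so a rejected preference leaves no trace in the fuzzer log. Printing it before `g_free(errmsg)` would make a renamed or mistyped preference visible, e.g. `if (ret != PREFS_SET_OK) fprintf(stderr, "oss-fuzzshark: can't set '%s': %s\n", pref, errmsg ? errmsg : "(no message)");`. The helper also returns 1 on success in an `int`, the reverse of the common 0-on-success convention, so a comment above it such as `/* Returns non-zero when the preference was set, 0 on any prefs_set_pref() failure. */` would prevent misuse. The `g_snprintf()` into `pref[4096]` can truncate silently; that is harmless for the literal names used in this commit but worth keeping in mind if callers ever pass longer input.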
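Review bot: `fuzz_prefs_apply()` ignores the result of all four `fuzzshark_pref_set()` calls, so if any of these preference names stops resolving, reassembly silently stays enabled and the target becomes stateful again, which is the situation the commit message says produces crashes that a single sample cannot reproduce. Checking each result and at least reporting the failure keeps that regression visible in the harness output; whether the harness should go further and refuse to start is a call for the maintainers. The comment says "fragmentation", but what is being turned off is reassembly/desegmentation, so the wording could be tightened at the same time. A table-driven version is sketched below.

```c
static void
fuzz_prefs_apply(void)
{
	/* Reassembly/desegmentation must stay off so that a single sample
	 * is enough to reproduce a crash. */
	static const char *const stateless_prefs[] = {
		"ip.defragment",
		"ipv6.defragment",
		"wlan.defragment",
		"tcp.desegment_tcp_streams",
	};
	size_t i;

	for (i = 0; i < G_N_ELEMENTS(stateless_prefs); i++) {
		if (!fuzzshark_pref_set(stateless_prefs[i], "FALSE"))
			fprintf(stderr, "oss-fuzzshark: could not disable %s\n", stateless_prefs[i]);
	}

	/* … unchanged: prefs_apply_all() call … */
}
```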