Diffstat (limited to 'fuzz')
-rw-r--r--fuzz/fuzz_config.cpp7
-rw-r--r--fuzz/fuzz_ndpi_reader.c2
-rw-r--r--fuzz/fuzz_readerutils_parseprotolist.cpp1
-rw-r--r--fuzz/fuzz_readerutils_workflow.cpp1
4 files changed, 11 insertions, 0 deletions
diff --git a/fuzz/fuzz_config.cpp b/fuzz/fuzz_config.cpp
index 69ca93489..37f340bcd 100644
--- a/fuzz/fuzz_config.cpp
+++ b/fuzz/fuzz_config.cpp
@@ -295,6 +295,13 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
ndpi_get_config(ndpi_info_mod, cfg_proto, "ip_list.load", cfg_value, sizeof(cfg_value));
}
if(fuzzed_data.ConsumeBool()) {
+ pid = fuzzed_data.ConsumeIntegralInRange<u_int16_t>(0, NDPI_MAX_SUPPORTED_PROTOCOLS + 1); /* + 1 to trigger invalid pid */
+ value = fuzzed_data.ConsumeIntegralInRange(0, 1 + 1);
+ snprintf(cfg_value, sizeof(cfg_value), "%d", value);
+ snprintf(cfg_proto, sizeof(cfg_proto), "%d", pid);
+ ndpi_set_config(ndpi_info_mod, cfg_proto, "monitoring", cfg_value);
+ }
+ if(fuzzed_data.ConsumeBool()) {
value = fuzzed_data.ConsumeIntegralInRange(0, 255 + 1);
snprintf(cfg_value, sizeof(cfg_value), "%d", value);
ndpi_set_config(ndpi_info_mod, NULL, "packets_limit_per_flow", cfg_value);
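Review bot: The upper bound `1 + 1` on the monitoring value in the added block carries no comment, unlike the pid line with its `/* + 1 to trigger invalid pid */`; I would add `/* + 1 to trigger invalid value */` so the out-of-range input reads as deliberate. The return value of `ndpi_set_config` is also discarded here, so this case can only surface crashes and sanitizer findings. If the library wrongly accepted the invalid pid or the value 2, the fuzzer would stay silent; if rejection is meant to be checked, capture the return code and assert on it for the out-of-range inputs. LLVMFuzzerTestOneInput starts and ends outside the hunk, and the neighbouring blocks discard the result in the same way.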
diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c
index c529de7c2..6ca1702a0 100644
--- a/fuzz/fuzz_ndpi_reader.c
+++ b/fuzz/fuzz_ndpi_reader.c
@@ -24,6 +24,7 @@ int malloc_size_stats = 0;
FILE *fingerprint_fp = NULL;
bool do_load_lists = false;
char *addr_dump_path = NULL;
+int monitoring_enabled = 0;
extern void ndpi_report_payload_stats(FILE *out);
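Review bot: `int monitoring_enabled = 0;` is added without a comment and is never changed in the visible lines, while the next hunk in this file turns monitoring on for stun with `ndpi_set_config(workflow->ndpi_struct, "stun", "monitoring", "1")`. The global is presumably defined to satisfy an extern in the shared reader code, which this diff does not show; if that code branches on it, the enabled branch is never exercised by this harness. I would add a comment such as `/* stub for the reader's extern; 0 keeps reader-side monitoring handling off */`, or set it to 1 here if that branch should be covered. The same uncommented definition is added in fuzz_readerutils_parseprotolist.cpp and fuzz_readerutils_workflow.cpp.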
@@ -95,6 +96,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
ndpi_set_config(workflow->ndpi_struct, "openvpn", "dpi.heuristics.num_messages", "255");
ndpi_set_config(workflow->ndpi_struct, "tls", "dpi.heuristics", "0x07");
ndpi_set_config(workflow->ndpi_struct, "tls", "dpi.heuristics.max_packets_extra_dissection", "255");
+ ndpi_set_config(workflow->ndpi_struct, "stun", "monitoring", "1");
ndpi_finalize_initialization(workflow->ndpi_struct);
diff --git a/fuzz/fuzz_readerutils_parseprotolist.cpp b/fuzz/fuzz_readerutils_parseprotolist.cpp
index 9b3549cf6..64b3ec3f1 100644
--- a/fuzz/fuzz_readerutils_parseprotolist.cpp
+++ b/fuzz/fuzz_readerutils_parseprotolist.cpp
@@ -14,6 +14,7 @@ int malloc_size_stats = 0;
FILE *fingerprint_fp = NULL;
bool do_load_lists = false;
char *addr_dump_path = NULL;
+int monitoring_enabled = 0;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
FuzzedDataProvider fuzzed_data(data, size);
diff --git a/fuzz/fuzz_readerutils_workflow.cpp b/fuzz/fuzz_readerutils_workflow.cpp
index 257a5661c..a92877aaa 100644
--- a/fuzz/fuzz_readerutils_workflow.cpp
+++ b/fuzz/fuzz_readerutils_workflow.cpp
@@ -16,6 +16,7 @@ int malloc_size_stats = 0;
FILE *fingerprint_fp = NULL;
bool do_load_lists = false;
char *addr_dump_path = NULL;
+int monitoring_enabled = 0;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
FuzzedDataProvider fuzzed_data(data, size);